ddfaecd57e6f436767678af43b5c1faf_JaffaCakes118 | Triage

Sharing

General

Target

ddfaecd57e6f436767678af43b5c1faf_JaffaCakes118
Size

75KB
MD5

ddfaecd57e6f436767678af43b5c1faf
SHA1

d309138a63ed2766ff44a8e93e98ca30857fbf8a
SHA256

ccfc67c31948be5de10082e5f2b2559cd52a06bc0186eac895f40fe0443a6d70
SHA512

c597c3632c69ef71972752ce74eb6002fb7ce7bf8b5705b1925ca084424a0a59613351173289a8d61e0d81cc55d1e45625ce4e4d8948b025b1c644baf37acffc
SSDEEP

1536:vkuCyfgZBIDrhw+47CeJp6HbZehdnhtbZLE:K49V4REH8/htZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ddfaecd57e6f436767678af43b5c1faf_JaffaCakes118

Files

ddfaecd57e6f436767678af43b5c1faf_JaffaCakes118
.exe windows:1 windows x86 arch:x86

5d722ae89660ec5edaadd641ff1a5bb6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_acmdln
_mbstrlen
_mbscspn
_mbctoupper
__getmainargs
_mbsncat
_statusfp
__setusermatherr
_initterm
_mbsnbcpy
_exit
memcpy
_purecall
__p__fmode
_getch
_commit
_c_exit
_cwprintf
__set_app_type
__p__commode
_controlfp
fsetpos
_except_handler3
_adjust_fdiv
_ismbbgraph
wcstoul
swscanf
_XcptFilter
exit
vprintf

kernel32

HeapSize
SizeofResource
HeapAlloc
DuplicateHandle
DeleteFileA
LoadLibraryW
GetModuleHandleA
TlsFree
GetStartupInfoA
HeapCreate
GlobalAlloc
SetLastError
GetStdHandle
GetCommandLineA
SetStdHandle
GetCurrentProcess
OpenProcess

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ