Static task
static1
Behavioral task
behavioral1
Sample
de1d9ad360263944af5fb4597e08f828_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
de1d9ad360263944af5fb4597e08f828_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
de1d9ad360263944af5fb4597e08f828_JaffaCakes118
Size
12KB
MD5
de1d9ad360263944af5fb4597e08f828
SHA1
d61a4f96692181ec97b55b98cc8e9a2fdb7a76d6
SHA256
73aba1837ccd817f5cc2181d2ca6bdc1c0d868eda97fdd17bcd2bf3b912cf2b8
SHA512
323e4be4ad6ded26b45003ca120959bdd646dc2e792fef491e5557b106e86eeaacd290f82ce1039a828faf049e5f8999985b4113ea2cca299cf46a403f240e43
SSDEEP
192:c44ac4k4XN7F7nz8ZiqIXsP18touF3lcfFf5yqGhHLSX9PF:cv34XRF3+iqis9QlcffyqaeP
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource de1d9ad360263944af5fb4597e08f828_JaffaCakes118
Files
de1d9ad360263944af5fb4597e08f828_JaffaCakes118.exe windows:4 windows x86 arch:x86
1702868b0f41259d12ede3145afa3dab
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
AddAtomA
ExitProcess
FindAtomA
GetAtomNameA
GetFullPathNameA
GetVolumeInformationA
SetUnhandledExceptionFilter
msvcrt
_setmode
_strlwr
__getmainargs
__p__environ
__p__fmode
__set_app_type
_assert
_cexit
_iob
_onexit
_setmode
abort
atexit
free
fwrite
malloc
memset
signal
strchr
strlen
Sections
.text Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 80B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 208B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 224B
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE