Static task
static1
Behavioral task
behavioral1
Sample
de1de1442c47e35889aba6e3dbe22f39_JaffaCakes118.exe
Resource
win7-20240903-en
General
-
Target
de1de1442c47e35889aba6e3dbe22f39_JaffaCakes118
-
Size
120KB
-
MD5
de1de1442c47e35889aba6e3dbe22f39
-
SHA1
0ff14b8c533b8e632992242fa797a6bb69af0f4c
-
SHA256
620e5dbd8cbb38282d5af14679b467affd8ca7a4dd37e9f2d4dcdf4903bb0c19
-
SHA512
945be2538566637945481afb53538d117f24a7c10a7ab4d2a993c517f6fa4fa107a22488d1982e8a869afa1dad8e198b7701eaaea645a96a9ad564bd20fe7559
-
SSDEEP
3072:m/BI4QbZiKwEFH1oFNxgnDjKrNSSb75jwaaHw7Koj4r71M61:aOXYK1HUDgSrESb7U/1
Malware Config
Signatures
-
Unsigned PE 1 IoCs
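Checks for a missing Authenticode signature: the rule matched because this PE carries no embedded code-signing signature, so its publisher and integrity cannot be verified from the file itself. On its own this is a weak indicator, since many benign binaries are also unsigned.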
resource de1de1442c47e35889aba6e3dbe22f39_JaffaCakes118
Files
-
de1de1442c47e35889aba6e3dbe22f39_JaffaCakes118.exe windows:65535 windows x86 arch:x86
932fb3bfe5a8c627c1ae3aeefad60469
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
LoadLibraryA
CreateFileA
VirtualProtect
GlobalAlloc
VirtualAlloc
GetDateFormatA
msvcrt
__p__commode
_adjust_fdiv
__p__fmode
__setusermatherr
__set_app_type
_except_handler3
_initterm
Sections
.text Size: 60KB - Virtual size: 188KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 5KB - Virtual size: 8KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsr1 Size: 27KB - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE