dee83c0aac79cf4787f88e53738f6c79_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dee83c0aac79cf4787f88e53738f6c79_JaffaCakes118
Size

264KB
MD5

dee83c0aac79cf4787f88e53738f6c79
SHA1

33a92b4b81e7f040726551574fa2a93e191b554c
SHA256

325af110699d4a5b7f65bd2d1f81fbd1be97a2c41f1acc4108db0832754f69ff
SHA512

3b096639157965e9a3d0add525c9ec22640747dc652801861d6ebccb06a04c2e12cce0c0e2096d7d60b5a811229cea17fe7f8ba8f816f977e76131524b2877c1
SSDEEP

3072:06p2Uh/29pi48H6OgabhLuMSf80z1+T7wB/04GxZJnBIPe1uee4G/3V34Z:0sh/t48BdSfLzs4h04G1B31A4u3Vo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dee83c0aac79cf4787f88e53738f6c79_JaffaCakes118

Files

dee83c0aac79cf4787f88e53738f6c79_JaffaCakes118
.exe windows:4 windows x86 arch:x86

690ca06fb8c5f1e5b6d88bdc2bc8ac63

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_controlfp
__dllonexit
_onexit
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
??1type_info@@UAE@XZ
??3@YAXPAX@Z
printf
fopen
fclose
exit
_CxxThrowException
__CxxFrameHandler
??2@YAPAXI@Z
free
_except_handler3
realloc
_stricmp

kernel32

GetModuleHandleA
OutputDebugStringA
CreateFileA
WriteFile
CloseHandle
HeapFree
IsBadReadPtr
LoadLibraryA
GetProcAddress
Sleep
VirtualFree
VirtualProtect
VirtualAlloc
GetProcessHeap
HeapAlloc
GetStartupInfoA

Exports

Exports

SPACE

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ