e1117e2a142bf09b79c2b6b6b856e1ad_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e1117e2a142bf09b79c2b6b6b856e1ad_JaffaCakes118
Size

61KB
MD5

e1117e2a142bf09b79c2b6b6b856e1ad
SHA1

34d603214b731aa335c0115f69e6a2e2b9afcc4e
SHA256

0ff292ed19da408b13e86022f8e8d73e178462c15b73b23cd0d78513eb31a588
SHA512

f94ab612f8b1b999ee16b874894871352076d369c64e055e0630557d9808a71b143868541be627dc66e1d56e204020ae2c2ebefe6e7e73d1c41e3acba7c206e2
SSDEEP

1536:v+uw5iCTsMwP8oxAZulLryrEyEDyIPMT5Joi0uUZH9ENdbh7jwRg4V:LCAFkorLrBy3QMT5OCNdbi64

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1117e2a142bf09b79c2b6b6b856e1ad_JaffaCakes118

Files

e1117e2a142bf09b79c2b6b6b856e1ad_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e1112b6722a3cce6443d7e0d778068c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitThread
FindResourceA
SetCurrentDirectoryA
SetLastError
ExitProcess

msvcrt

__p__commode
__set_app_type
fprintf
swscanf
wcscat

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ