eae9e50388c265afa2cb9708c04c6bae_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eae9e50388c265afa2cb9708c04c6bae_JaffaCakes118
Size

12KB
MD5

eae9e50388c265afa2cb9708c04c6bae
SHA1

1664db26272edc0abff7838fdb53808c5b3c396b
SHA256

47022dcfa4db1ee52e8a717034895cd3a58228f6c5cc68ae3dc6754bfa3e7345
SHA512

8ac338938125238bbe5db685e79f90d4328b32ad5e2ed10275acb063552a03a4f9d7df1ccef3b39145400af7fdb92514bb1214c1285fd039f97e8a0d1f177c94
SSDEEP

96:nPCr2LLhJBJOV+8Tt8JJMGmrDWeoRbMpyQgoGWfbgkqeae3sKQpQ0mo8JQ0TjUPi:nE2LLhkQ+tkJSDvoRqgj+KrtecJd5z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eae9e50388c265afa2cb9708c04c6bae_JaffaCakes118

Files

eae9e50388c265afa2cb9708c04c6bae_JaffaCakes118
.exe windows:1 windows x86 arch:x86

9aca3f590e687260a63387c13aa2056f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

cw3230

_memcpy
_fread
_strcat
_printf
_malloc
_fwrite
@_CatchCleanup$qv
@__lockDebuggerData$qv
@__unlockDebuggerData$qv
@strchr$qpci
@strrchr$qpci
__ExceptionHandler
___debuggerDisableTerminateCallback
__argc
__argv
__exitargv
__flushall
__setargv
__startup
_abort
_exit
_fclose
_filelength
_fopen
_fprintf

kernel32

TlsSetValue
TlsGetValue
LocalFree
TlsFree
TlsAlloc
LocalAlloc
GetModuleHandleA

Exports

Exports

__DebuggerHookData
__GetExceptDLLinfo
___CPPdebugHook

Sections

CODE
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ