Static task: static1
Behavioral task: behavioral1
Sample: eb2794aa5182c190e44e26cc30b7fd36_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: eb2794aa5182c190e44e26cc30b7fd36_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: eb2794aa5182c190e44e26cc30b7fd36_JaffaCakes118
Size: 360KB
MD5: eb2794aa5182c190e44e26cc30b7fd36
SHA1: 59e43d8d90172400e555ef461e5e769ee55e4009
SHA256: 4ab740ed0097f8be3e467df9b32bbb1457fae39ea036863ea58b974b489712ad
SHA512: 08638775fe71fff9c07e2b2fbc1ebaaf1b9b608d1aa8295105da8e5d8d5f13145ecf9e54aab28f30a961e3c36592e7b9ca9ba27f704d7fab7485918457f2dd47
SSDEEP: 6144:DN77guoBwd+Fesa+WcLlsCV6jjdanyw34ANdkBiOenSSltDAoNp2gFisHQJ27o:DN7cDBleoWSmxdsVoANWBmnSSHkYp/QZ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource eb2794aa5182c190e44e26cc30b7fd36_JaffaCakes118
Files
eb2794aa5182c190e44e26cc30b7fd36_JaffaCakes118.exe windows:4 windows x86 arch:x86
9cebe2302fde41244f3390ba192dc8e6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetLastError
GetCurrentThreadId
VirtualAlloc
GetVersion
CreateFileMappingA
SetEndOfFile
InterlockedDecrement
QueryPerformanceCounter
VirtualFree
VirtualQuery
ReadFile
SetHandleCount
GetLocaleInfoA
WideCharToMultiByte
LCMapStringA
EnterCriticalSection
MapViewOfFile
ExitProcess
GetModuleHandleA
GetStartupInfoA
msvcrt
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_exit
_XcptFilter
_strcmpi
Sections
.text Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 347KB - Virtual size: 347KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ