ee98f8bc7ed48c379bf6f5fbc0ab0b5c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ee98f8bc7ed48c379bf6f5fbc0ab0b5c_JaffaCakes118
Size

187KB
MD5

ee98f8bc7ed48c379bf6f5fbc0ab0b5c
SHA1

a7cab8cfd79f2dd6be8efcf2a3dbc405447c8a53
SHA256

cdf231f041aa394631c110c7cf0767f9cca7cd3e4d8e47d7bc7f9c8d272aa69b
SHA512

28b29bd4aed36f4a416d5d4fb3cdfbb486a5759793869a0fc7732e3bc91ac3d1bfc662dec4b9c52eb6d8334172358a3a920eb45afe615a693429a23a96b28c49
SSDEEP

3072:8DebCa+N4wa37Qdq23qcPV82dWpEs1Yjh1GlllbYrW:8UE4warQ48nPV8eWGSYjhUXyr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ee98f8bc7ed48c379bf6f5fbc0ab0b5c_JaffaCakes118

Files

ee98f8bc7ed48c379bf6f5fbc0ab0b5c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

43c51ee68aaefe75a546b38ddaf5cd8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\MyNewFolder\IsTest\Document\Work.exe

Imports

msvcrt

__set_app_type
wcscat
_controlfp
isxdigit
__p__commode
__p__fmode
gmtime
_initterm
fputs
_amsg_exit
_ismbblead
iswspace
exit
_exit
_XcptFilter
iswprint
_cexit
__getmainargs
__setusermatherr

kernel32

GetExitCodeThread
EscapeCommFunction
EnumResourceNamesW
SetFileAttributesA
SetupComm
LocalSize
GetNumberFormatW
CreateFileA
SystemTimeToFileTime
SetFileTime
FormatMessageA
IsBadReadPtr
TlsGetValue

Exports

Exports

_RegisterDeviceNotificationARegisterDeviceNotificationA@0
_RegisterDeviceNotification_A@0

Sections

.text
Size: 153KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ