Static task: static1
Behavioral task: behavioral1
  Sample: efd96391483d67c9be51ff3b0633f7d6_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: efd96391483d67c9be51ff3b0633f7d6_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: efd96391483d67c9be51ff3b0633f7d6_JaffaCakes118
Size: 85KB
MD5: efd96391483d67c9be51ff3b0633f7d6
SHA1: 047da796ef50f851569e3eeda19fd29d8f4fe435
SHA256: c9c69ce33e49eb539949d112a73b9d2b5863c192a4f64361fb7910b1537f92dd
SHA512: 2829d83c568e23e4129934a8f3db5368d62750f5f62bc84480a5d6eadde251512c7a6194de80f1126ffc3db321a12da161b788a47345faa423a922e4f8ea5249
SSDEEP: 1536:suXXsorp/gIOV/jrg3zvYLaB9YXSau+Yx8e9/i0SMRDaX+it:BXsorPW/jrCzYGnYXyn+e9/i0XI+it
Malware Config
Signatures
Unsigned PE (1 IoCs)
  Checks for missing Authenticode signature.
  resource: efd96391483d67c9be51ff3b0633f7d6_JaffaCakes118
Files
efd96391483d67c9be51ff3b0633f7d6_JaffaCakes118.exe windows:5 windows x86 arch:x86
22da26e7bd8fbe990147fbd824af46b0
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt
  fopen
  __getmainargs
  _acmdln
  _initterm
  _stricmp
  __setusermatherr
  _adjust_fdiv
  __p__commode
  cos
  strcmp
  free
  _onexit
  fclose
  _XcptFilter
  __p__fmode
  malloc
  calloc
  exit
  fwrite
  _except_handler3
  _exit
kernel32
  GetStartupInfoA
  GetModuleHandleW
  VirtualProtect
Sections
.text Size: 5KB - Virtual size: 5KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 602B
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data Size: 75KB - Virtual size: 74KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 2KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ