f5815f9ef8ddf601fde48b734da3de0e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f5815f9ef8ddf601fde48b734da3de0e_JaffaCakes118
Size

36KB
MD5

f5815f9ef8ddf601fde48b734da3de0e
SHA1

23d510aa984bbf2c847d5fea2fbcddb18b208597
SHA256

b9aa5b764c07a7789e29d688be0a619f37a3c60f21191f0fadc52f72e1044452
SHA512

a13f8525bb7a27ca289de92958dbdb6986a095f068f7bcb60ee385b48acc0e2d033eccd8c4afee0100ec4265a4ff2b31d9b13a7f635b65ec7c1f4bd7814e884e
SSDEEP

768:SdqhgNVxwJS2N3LXwWSaWp0zPFxR0iYAp4OvMGc:SdGS25gv8PR0iYwJMV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5815f9ef8ddf601fde48b734da3de0e_JaffaCakes118

Files

f5815f9ef8ddf601fde48b734da3de0e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7abc1ffce61059819624ae97e5cc0976

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
CreateMutexA
EnumResourceLanguagesA
ExitProcess
GetACP
GetCommandLineA
GetDateFormatA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetSystemDirectoryA
GetSystemTime
GetWindowsDirectoryA
Module32Next
OutputDebugStringA
TlsSetValue
VirtualAlloc
VirtualAllocEx
VirtualFreeEx

msvcrt

__getmainargs
__p__commode
__set_app_type
_cexit
_except_handler3
_wcsicmp
malloc
setlocale
sscanf
wcscpy
wcslen

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ