Static task
static1
Behavioral task
behavioral1
Sample
fa04f962c3d71c2cc580c2f190f29cb0_JaffaCakes118.exe
Resource
win7-20240903-en
General
Target
fa04f962c3d71c2cc580c2f190f29cb0_JaffaCakes118
Size
215KB
MD5
fa04f962c3d71c2cc580c2f190f29cb0
SHA1
d3dcd73a001817bae00ca97f3558183aaca2ee8b
SHA256
49339d699267b36946e832c886acb6ec88c7c19b520b8fa76050855b7fe9fa05
SHA512
c18e2ba3f1401e247d51e728232b69023f61e03079d18aba4001501cd892918166fb0dc7556b7d64c22e1033d7a59c91f2eff50f15940ac16e455f383ccc4ba9
SSDEEP
3072:a9rbjuGbkCBq7JvjwEKnzumRrKV4dwAXeGlhgFIgTpQ:SjurIkj7ku+rKanFgTpQ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fa04f962c3d71c2cc580c2f190f29cb0_JaffaCakes118
Files
fa04f962c3d71c2cc580c2f190f29cb0_JaffaCakes118.exe windows:4 windows x86 arch:x86
22862a0a5c83d27a3ea1f3e845f0078b
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt
__set_app_type
_except_handler3
__p__fmode
_controlfp
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
memcpy
memset
realloc
_stricmp
kernel32
GetModuleHandleA
lstrlenA
VirtualAlloc
GetProcessHeap
HeapAlloc
IsBadReadPtr
LoadLibraryA
GetProcAddress
VirtualFree
VirtualProtect
GetLastError
GetStartupInfoA
Sections
.text Size: 176KB - Virtual size: 176KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE