fbf050ffedae60f05d8deea7d93f7843_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fbf050ffedae60f05d8deea7d93f7843_JaffaCakes118
Size

21KB
MD5

fbf050ffedae60f05d8deea7d93f7843
SHA1

e769c6a8746218877b3f1bd063e9a77b63e3fe98
SHA256

2ee410887d262b7fca765e93c6b137b85e5d96c1e2895d4f63c9a6800dea5a27
SHA512

18e9f2db49e48a39b55bce70fa5056b643e5db6c2b5a9dd4a6e9856991a77e8b342b03669d61ae428cbf435f0d7998aef894f68f36f087d58ecc37aac51ad2a9
SSDEEP

384:YY1+5H5o/teBFFX9jxd0gHx80RoUVA1AoP:YY1+To/tYFFX9jxd0E8VUV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fbf050ffedae60f05d8deea7d93f7843_JaffaCakes118

Files

fbf050ffedae60f05d8deea7d93f7843_JaffaCakes118
.exe windows:1 windows x86 arch:x86

55e6abba866d3b35cb1730e626f43b1f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetModuleHandleA
RtlUnwind

user32

DialogBoxParamA
EndDialog
GetDlgItemTextA
MessageBoxA

crtdll

__GetMainArgs
atof
exit
floor
raise
signal

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 88B - Virtual size: 88B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 620B - Virtual size: 620B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 572B - Virtual size: 572B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE