fc213cc36dd2b70cd645653489a530fd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fc213cc36dd2b70cd645653489a530fd_JaffaCakes118
Size

33KB
MD5

fc213cc36dd2b70cd645653489a530fd
SHA1

6c768438e6ca0ab401fd4044e4c7e49b4a1d5a25
SHA256

52c38f741bb412d1a6362fe7a13ef2102c782e5cadbdebed1ff9838dbc3cefda
SHA512

19e9213c76ced230d2529055f5af027f270feb843d500c8b90a8de6dc4c8872bdf2f6126818145f9d5a51eea38b23b96cb6e581dbf9d93672a244ce5dd204d39
SSDEEP

768:sO0uPp9GWuceV/UvLAwhPrb9ouXtDRNFgFayujqoK:sOjp9vMQb9oeDRNFpjdK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc213cc36dd2b70cd645653489a530fd_JaffaCakes118

Files

fc213cc36dd2b70cd645653489a530fd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a3b3a3d29d1f8c9de7f1b6f47ece43eb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
lstrcatA
GetSystemDirectoryA
GetModuleFileNameA
GetModuleHandleA
GetStartupInfoA

user32

wsprintfA

iphlpapi

GetAdaptersInfo

msvcrt

_acmdln
??3@YAXPAX@Z
??2@YAPAXI@Z
memset
fclose
fwrite
fopen
memcpy
fread
__CxxFrameHandler
_exit
_XcptFilter
exit
fseek
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

Sections

.text
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 985B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 85B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 511B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE