ff6832be46c6eeede4ee3ea6fb3bc33b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ff6832be46c6eeede4ee3ea6fb3bc33b_JaffaCakes118
Size

109KB
MD5

ff6832be46c6eeede4ee3ea6fb3bc33b
SHA1

19bba8d128375db270f870dace6c9386c92be301
SHA256

42c9b25d8ef6b5572008169d71a46c10af4377a514aaca31436a7e59a257ba50
SHA512

d99f18a783d9c3ad2b44e57a3a421ddae4ee8c467e97f0051e64f3fab98b2ff87b35c17feef9815ecc9862c151ab65368ad4ef8f757113f6d5017ff4e63149b7
SSDEEP

3072:xfRcxTYaPSgUMej+4vPGBFUzfXtdHvBKriFJ+:xf3aPSgOZL5bw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff6832be46c6eeede4ee3ea6fb3bc33b_JaffaCakes118

Files

ff6832be46c6eeede4ee3ea6fb3bc33b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

534f6055a57ce0164124c3a667eba33b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

AddAtomA
DeleteFileA
ExitProcess
FindAtomA
LoadLibraryA
GetProcAddress

msvcrt

_getpid
_strdup
__getmainargs
__p__environ
__p__fmode
__set_app_type
_assert
_cexit
_errno
_iob
_onexit
_setmode
_spawnv
_stat
abort
atexit
calloc
exit
fprintf
free
getenv
malloc
memset
printf
signal
sprintf
strcat
strchr
strcmp
strcpy
strlen
strncat
strncmp
strncpy
strrchr
tolower
toupper

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ