ff6e284537fb4df4bc7dc6f7996741a1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ff6e284537fb4df4bc7dc6f7996741a1_JaffaCakes118
Size

113KB
MD5

ff6e284537fb4df4bc7dc6f7996741a1
SHA1

b17fd99d155ddecc1d5ec752486c54232f485936
SHA256

4ab56cb077187dfcc9c79820ac4683f92ab1214f409c8cb35f6a21dde92c9430
SHA512

b7435e401b608bc68317823c3896f2df3e02aba1a53bea76e50292fe71a7307e6d2f08ac22621d35b964a98e22de1ac434d488e8f34d86cbed68e2a59852fc78
SSDEEP

3072:VRPEDCpZqLoPZemexIHec++MPwZrSaVjooUM:fcKqLKGeXMEVjQM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff6e284537fb4df4bc7dc6f7996741a1_JaffaCakes118

Files

ff6e284537fb4df4bc7dc6f7996741a1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ee4432557dd3183935e9386755bd1c1c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__set_app_type
_except_handler3
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_controlfp
_exit

kernel32

GetModuleHandleA
EnumResourceNamesA
SetProcessPriorityBoost
PostQueuedCompletionStatus
SetCommMask
GetProcessAffinityMask
FileTimeToLocalFileTime
FreeLibrary
GetStartupInfoA

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ