fe77e30b1957e3313fc5a44d24fa43d7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fe77e30b1957e3313fc5a44d24fa43d7_JaffaCakes118
Size

28KB
MD5

fe77e30b1957e3313fc5a44d24fa43d7
SHA1

b285d60e4ca152837544a4063990356c80fc86f3
SHA256

8893857415606db6d9f44bdac06f7d8395e3a37cf671acddb5c0eef336e0ae33
SHA512

beeccc9ea75144d01574a3f896a8f5f4c39c53235ad035e3addf7ddef188a7ba69967df883108611c94410d90901db9044283d63e9d3fa006691b2549e7df24e
SSDEEP

384:O6iwVF+QwCQf3js4xA+XKqDWpfiKZmbi:YgZwCQ7bAhqDWvQb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe77e30b1957e3313fc5a44d24fa43d7_JaffaCakes118

Files

fe77e30b1957e3313fc5a44d24fa43d7_JaffaCakes118
.exe windows:1 windows x86 arch:x86

eddfa4830fe9beba01e6c06e867ae160

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_wstat
__p__fmode
_mbsicoll
iswgraph
_acmdln
exit
__set_app_type
__p__commode
_adjust_fdiv
_XcptFilter
wcsspn
_callnewh
memcpy
_controlfp
isprint
_initterm
_wcstoi64
_exit
_wfdopen
_get_osfhandle
_getw
_findfirst
__setusermatherr
_except_handler3
clearerr
_strcmpi
_ultow
__getmainargs

kernel32

LoadResource
QueryPerformanceCounter
GlobalUnlock
CreateToolhelp32Snapshot
GetStartupInfoA
MultiByteToWideChar
GetFileAttributesA
ResumeThread
GetSystemDirectoryA
GetModuleHandleA
InterlockedExchange
GetTimeFormatA
ReadFile
MapViewOfFile

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 94B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ