0051b4dfde9bc5c362aae8904b500ce2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0051b4dfde9bc5c362aae8904b500ce2_JaffaCakes118
Size

128KB
MD5

0051b4dfde9bc5c362aae8904b500ce2
SHA1

9bcdb4fcf180d4197273e42272e2163d0437a55e
SHA256

5d3bb65f62f3774aea7452dae78fef40d1e73cac75657be52bd29d1b5ebae83b
SHA512

4d0564b3b836e23df0f4299c5a8b52ec9124efec1983e7a4647989691b3f2d231d87429c9763825e137b1ae0bfd42babf8fd157cf735a1ae3521dae6c7c2d294
SSDEEP

3072:zphBhLhTNpYHXxRbPHR9NQxPwu7sNz0f5g3t6:zpDhLpPYHB13NOwu0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0051b4dfde9bc5c362aae8904b500ce2_JaffaCakes118

Files

0051b4dfde9bc5c362aae8904b500ce2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ffc957ece14c063f487702bb9224b32f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_XcptFilter
exit
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
_exit
__p__fmode
__set_app_type
_except_handler3
_controlfp
_snprintf
strrchr
sprintf
_putenv
strncpy
getenv
fprintf
_iob
__p__commode

python23

Py_Finalize
PyRun_InteractiveLoop
Py_FdIsInteractive
PySys_SetArgv
PyErr_Print
PyEval_EvalCode
PyCode_Type
PySequence_GetItem
PySequence_Size
PyMarshal_ReadObjectFromString
PyModule_GetDict
PyImport_AddModule
PyRun_SimpleString
Py_SetPythonHome
Py_NoSiteFlag
Py_OptimizeFlag
Py_SetProgramName
Py_GetPath
_Py_TrueStruct
PySys_SetObject
PyString_FromString
Py_Initialize

kernel32

FormatMessageA
GetFullPathNameA
LockResource
LoadResource
FindResourceA
GetLastError
GetModuleFileNameA
LocalFree

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ