017a1dead53c28dde86efd01a26b5d3e_JaffaCakes118 | Triage

Sharing

General

Target

017a1dead53c28dde86efd01a26b5d3e_JaffaCakes118
Size

718KB
MD5

017a1dead53c28dde86efd01a26b5d3e
SHA1

0f025d2d09ba717a5575b6415d7907b55c53ba65
SHA256

e4e2891d1ecbec4766c204e49247ee2a58fd50a77f8c9379ec4c0fd8172fd297
SHA512

4387ccd7d26aa0cbe605b49b6decac76a83c87a1ffa25d657d54e86c7e140fe153e308b7b02579cdfaef1a130b0ea1eec5b706d2fc2f8053f081a74b7f71f935
SSDEEP

12288:8ZoVAJ053YgNy2F//b92glDvx/gFdLi3iGIxyO8vZZ+OCCKPV4cxaknNRKW2:8+OJO3WM/b5PgFlQiGUyllCCU/xakn7g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
017a1dead53c28dde86efd01a26b5d3e_JaffaCakes118

Files

017a1dead53c28dde86efd01a26b5d3e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1872d09f33cb96df619fcaea44c37945

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
LockResource
LoadResource
SizeofResource
FindResourceA
GetModuleFileNameA
GetStartupInfoA

msvcrt

__CxxFrameHandler
_exit
_XcptFilter
exit
memset
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_acmdln

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 754B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 308B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 710KB - Virtual size: 709KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

12197235
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE