07b3d53861dc487e4554c0360a0a7f60_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

07b3d53861dc487e4554c0360a0a7f60_JaffaCakes118
Size

24KB
MD5

07b3d53861dc487e4554c0360a0a7f60
SHA1

02c91b11d9ca6c36b0adca03209dc56986878ce8
SHA256

f4aa24b1fb071e13cd0641c93e38a1988ce103496975d03b9dcee4798aab2b6e
SHA512

372a99b654ce54f59312ae3926d70ac3a310811f5ab2280aa75650a2c4eb85ee9914d548536aad0c74b0ce10e7e3e1653d0bb357267070686ac207a8cf93722a
SSDEEP

384:/eYrA4t2+Otc/V8uBUEOn678u9p8/EhYTKGfr1:/eYrAp+p/V8uBPOn678u9p8/EhYV5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07b3d53861dc487e4554c0360a0a7f60_JaffaCakes118

Files

07b3d53861dc487e4554c0360a0a7f60_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cfa8c32b4546d3af2acca6536469960e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GetSystemDirectoryA
FreeLibrary
GetModuleFileNameA
Sleep
GetModuleHandleA
GetStartupInfoA

user32

ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
PostMessageA
DefWindowProcA
RegisterClassExA
CreateWindowExA

msvcrt

atol
_controlfp
_except_handler3
__set_app_type
fclose
fwrite
fopen
sprintf
rand
__p__fmode
??3@YAXPAX@Z
strchr
??2@YAPAXI@Z
srand
time
__CxxFrameHandler
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 836B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE