07c4bca0e2c1b9675d28b01dca638cc0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

07c4bca0e2c1b9675d28b01dca638cc0_JaffaCakes118
Size

115KB
MD5

07c4bca0e2c1b9675d28b01dca638cc0
SHA1

4ba6475a5b1567832339a4a474c9293651275d29
SHA256

581c3c1c4350022640c3683b3294dab236aecccbc39fe24b7761b021795d3856
SHA512

2ce1df873be6bf4c2b46d9151a348016225862f8f56cbd6c14a401789ef7d39eea299616c9603c3e8f5c7a19a515e823bdc873239153f08b48d6a32a6acb238c
SSDEEP

1536:660BsV5loXeQQ4GnHYg2L7wTwwY3koVdGrGkxbw1zN1EdPIodTlVpetanvb7RFsf:UXeQ8HYg83ko50WEdwo3Vpeta3RFsj7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07c4bca0e2c1b9675d28b01dca638cc0_JaffaCakes118

Files

07c4bca0e2c1b9675d28b01dca638cc0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3dbdb2a50ffaa22fd6aa8a3911cb6293

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__set_app_type
__p__commode
_controlfp
__p___initenv
__getmainargs
free
__setusermatherr
_initterm
_exit
_except_handler3
calloc
_XcptFilter
_adjust_fdiv
__p__fmode

kernel32

FlushFileBuffers
DeleteFileW
GetFileType
GetProcAddress
ExpandEnvironmentStringsA
InterlockedDecrement
GetCommandLineW
GetConsoleOutputCP
OpenProcess
MultiByteToWideChar
VirtualProtectEx
lstrcmpA
GetModuleHandleW
GetSystemDefaultLCID
IsBadWritePtr
GetProcessHeap
SetFileTime

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ