09872e311db5fa2f61daef45b4468681_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

09872e311db5fa2f61daef45b4468681_JaffaCakes118
Size

22KB
MD5

09872e311db5fa2f61daef45b4468681
SHA1

7ca9f17103f9eaa9ea8563de9d84173a97ec1584
SHA256

e959ec2db64a2404daee9bab106b7f676336f56767cdd228ce1debed8b59b374
SHA512

6722af2861414ce946f99661ae93c0a94575720f73e74d54f5ca869a817e01df92ff1a2e6c9c639d115202044409aa85bd37f7cf9442ee02c153d8d2624155b1
SSDEEP

384:ml3npYpndK+ImvOnwH9HB+j+CeDF8pBNy7r6siKR:UwdfImzH90yoNyHsA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09872e311db5fa2f61daef45b4468681_JaffaCakes118

Files

09872e311db5fa2f61daef45b4468681_JaffaCakes118
.exe windows:1 windows x86 arch:x86

f413e961cb8f91b1a300f214bdbadd41

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExpandEnvironmentStringsA
FindResourceA
GetCommandLineA
GetModuleFileNameA
GetModuleHandleA
CloseHandle
LoadResource
LockResource
MoveFileExA
CreateFileA
RtlUnwind
SizeofResource
WinExec
WriteFile
lstrcatA
lstrcpyA

user32

RegisterClassA
GetMessageA
TranslateMessage
DispatchMessageA
PostQuitMessage
CreateWindowExA
DefWindowProcA

crtdll

__GetMainArgs
exit
raise
signal
strcat
strchr

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 8B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 88B - Virtual size: 88B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 224B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE