0d5b7bd79913eb2e2ac457c8daebd00f_JaffaCakes118 | Triage

Sharing

General

Target

0d5b7bd79913eb2e2ac457c8daebd00f_JaffaCakes118
Size

148KB
MD5

0d5b7bd79913eb2e2ac457c8daebd00f
SHA1

a54f777d467635ffe18c6d1616b705bfee11cf8e
SHA256

693ba604fa7c7a2e17cd2318500fcd811ae3c9a7a722156ac0b784296598d070
SHA512

50cdbf887763209528ac2689d0af1aa68480f38ff3c7ead0653ec88c7edba3482fa603a3127471d6553057782d80127ad388404f5614915d3c02c7d2e2293fa4
SSDEEP

1536:pdpoIFKsx+9UiW6V7HqDor+LgWL/MsNzZj:rrx+9vqMyh/hNzp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d5b7bd79913eb2e2ac457c8daebd00f_JaffaCakes118

Files

0d5b7bd79913eb2e2ac457c8daebd00f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

60ede589e78871be81362500271b2ec1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mspdb60

?Open@PDB@@SAHPAD0KPAJQADPAPAU1@@Z
?open@NameMap@@SAHPAUPDB@@HPAPAU1@@Z

msvcrt

printf
strerror
_close
_iob
_unlink
fflush
_read
_errno
_open
signal
_lseek
_write
fseek
_ismbblead
getc
ftell
fopen
_stat
_vsnprintf
_mbsicmp
sprintf
_mbsrchr
_ismbcalpha
_mbschr
_getcwd
__p__pgmptr
_utime
exit
free
_makepath
_splitpath
_mbscmp
calloc
realloc
_findnext
_findclose
_findfirst
toupper
_mbscspn
__dllonexit
_onexit
_exit
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
isupper
tolower
islower
_mbsinc
_stricmp

kernel32

LoadLibraryA
HeapDestroy
GetProcAddress
HeapCreate
HeapAlloc
HeapFree

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE