107bff8099230df65469faf9060f4044_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

107bff8099230df65469faf9060f4044_JaffaCakes118
Size

73KB
MD5

107bff8099230df65469faf9060f4044
SHA1

875e180181e5583e17032db57d66d948a2cda4e7
SHA256

bc8e5034f5a14b78b448cf59fca31f191d6176b18f978897518048f9da9e5287
SHA512

cd8dc1ad519e18142fcc3e94c5251a8e8b4785ca39533720f0b8fa846db38b3db5b9c6d826956b2483526acd7eff42a415f4d7fe920a93f799924a3d58bda2de
SSDEEP

1536:wOEBsPjUH9GNVqbJv3qD6hcn2emTnCfcWjDbMd8nW6QA:wOamUH9GNKJPxG2/Qc6bMYW6QA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
107bff8099230df65469faf9060f4044_JaffaCakes118

Files

107bff8099230df65469faf9060f4044_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d068b3442d4e6990534090b61fec50b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
Process32Next
lstrcmpiA
Process32First
CreateToolhelp32Snapshot
DeleteFileA
ExitProcess
SetFilePointer
CreateFileA
lstrcatA
GetCurrentDirectoryA
Sleep
FindFirstFileA
GetModuleFileNameA
SetFileAttributesA
GetWindowsDirectoryA
CreateThread
lstrcpyA

msvcrt

strlen
memcpy
memcmp
malloc
rename
sprintf
strchr
free
_exit
_XcptFilter
exit
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

Sections

.text
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ