12cfa1847585080bf07acb9109930e11_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

12cfa1847585080bf07acb9109930e11_JaffaCakes118
Size

72KB
MD5

12cfa1847585080bf07acb9109930e11
SHA1

57bc407fd99a696877832dc2ab4e3f075a94310c
SHA256

50406184b3ea9afcfafe533b211fd463195881c9cee6639398e9e18beb4c61a2
SHA512

85693fa590853faf4a04bbde08b0cd94cca972fbe39282c2084c777b320db374c00ec89d300045fbb6ecac0e344a30646ca9d12b421a03c94a791b3d147aac7a
SSDEEP

768:38B13qVozsWJFVoWN8xPIJK018zm2eR6Kb32DWeJu+YlPFoT87JvxhNgQ/VRBSaJ:InXN8d30bd6dDjTY8+phTSkiNvz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12cfa1847585080bf07acb9109930e11_JaffaCakes118

Files

12cfa1847585080bf07acb9109930e11_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cc08b91ced839d2460b1cabd0a945144

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

cblrtss

ord968
_mFgmain2
ord2006
ord2038
ord733
ord969
_mFginitdat_dll
_mFiD78F
_mFgprogchain
_mFgtypecheck
_mFgprogcheckexit
_mFgAE
_mFgCE
_mFfindp
ord1333
_mFgF809
ord1015
ord1302
_mFgprogunchain
_mFgWinMain2

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_XcptFilter
_exit
_acmdln
exit

kernel32

GetStartupInfoA
GetModuleHandleA
GetCommandLineA

Exports

Exports

_mFdllinfo

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 937B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE