14591fb7745feaacd522592c4bb3f35c_JaffaCakes118 | Triage

Sharing

General

Target

14591fb7745feaacd522592c4bb3f35c_JaffaCakes118
Size

101KB
MD5

14591fb7745feaacd522592c4bb3f35c
SHA1

6784cee977bcdcd23aeec66211724ca1525c0280
SHA256

61bf152907ad9ea81c6c8010ba5213c627de221f40c308a4cabaa21bf8a75b07
SHA512

3240c37c70c823f734a78c8c27e12138fef41caa184a83f79dbe85e5604ed4892317640e96f86fb4f7339ec08e09b5b9db7b4345a98a57e6b006e61c6ea377ea
SSDEEP

1536:dtD5yG2FQU4uIcPevXtXA7JeH/Ax0UrN0UP/5qSml3iTEZ:dtkQpuAFTgyxlyTEZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14591fb7745feaacd522592c4bb3f35c_JaffaCakes118

Files

14591fb7745feaacd522592c4bb3f35c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c25c347f8f4bb2d8f70292cc947ab3d9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__p__fmode
__set_app_type
_except_handler3
__p__commode
_controlfp
__dllonexit
_onexit
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
fclose
fread
malloc
ftell
fseek
fopen
??3@YAXPAX@Z
??2@YAPAXI@Z

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoA
VirtualAlloc
VirtualProtect
IsBadReadPtr
WaitForSingleObject
CreateThread
ExitProcess
GetCurrentProcess
LoadLibraryA
FindResourceExA
GetProcAddress
GetModuleHandleA
IsDebuggerPresent

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ