28237a239b68643b228547e5a9c8c1ef_JaffaCakes118 | Triage

Sharing

General

Target

28237a239b68643b228547e5a9c8c1ef_JaffaCakes118
Size

69KB
MD5

28237a239b68643b228547e5a9c8c1ef
SHA1

de9cbedaf3141a4eb603a0b439b2e35a9ae315cf
SHA256

e0f89a86765ce1def1462f8e40856237a7165c3adde99da1a7e25f5d15298be8
SHA512

6ff597223c0cd030689680b531cc0f7960eee1167875086fe0da106dbe347c7ddc81fbad18f1bc9492cf35bfb0654adcc272599ea46104a95bb78c30429cf61b
SSDEEP

1536:EaTroM075MgDygvvwhO9i3g89I8wVeIBSRkLXMQzyeL:EaIM0VlwT99wLBmE5zTL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28237a239b68643b228547e5a9c8c1ef_JaffaCakes118

Files

28237a239b68643b228547e5a9c8c1ef_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e1112b6722a3cce6443d7e0d778068c4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitThread
FindResourceA
SetCurrentDirectoryA
SetLastError
ExitProcess

msvcrt

__p__commode
__set_app_type
fprintf
swscanf
wcscat

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ