29658a95e02011df26e305b8b8a92c70_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

29658a95e02011df26e305b8b8a92c70_JaffaCakes118
Size

87KB
MD5

29658a95e02011df26e305b8b8a92c70
SHA1

90ba885166d3573fd6894733bb786fdab8600d5d
SHA256

6fe30841ccaef945a25d0b86667e8e93e8d49bb66e25712ddd0adde4084d60d6
SHA512

73d03548d164c1d2556915fca297cd116e77efd27a5b29a8b30f0361886fe3c5e6b9be30856a74b861ec6a1d9136fa578b62f7d8a1dc1588ab291e327cea1b1d
SSDEEP

1536:kCAwOIhM5BbbQnBF/0AcjNSiY3np15zOeVQTRx2xZ40:kCAzngBlGN3Y3DBRVQz2bD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29658a95e02011df26e305b8b8a92c70_JaffaCakes118

Files

29658a95e02011df26e305b8b8a92c70_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a4e7525ed048f1b5ab11d0211fd235b4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_adjust_fdiv
free
__p__fmode
_controlfp
_except_handler3
_initterm
__set_app_type
__p___initenv
__p__commode
_exit
_XcptFilter
atan2
calloc
__setusermatherr

kernel32

RtlUnwind
GetVersionExA
lstrcpynA
GetLastError
VirtualProtectEx
GetCurrentProcessId
GetWindowsDirectoryA
SystemTimeToFileTime
EnumCalendarInfoA
SetUnhandledExceptionFilter
GetProcessHeap
GetStringTypeW
SetThreadLocale

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 762B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 50KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE