4580f0c6243290ac120b906d71569a7f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4580f0c6243290ac120b906d71569a7f_JaffaCakes118
Size

42KB
MD5

4580f0c6243290ac120b906d71569a7f
SHA1

8680909fd50784c577a77d46441c5b59e64cea96
SHA256

1edfbf603bb375278a55d386e2cc7972e552866d9d9a19dd46260662acee76e2
SHA512

58921456c71094f4ecb00c14c37b94490884e69ab7ff16951a47d1fe5dd8ef5619d7aef0ffd6f06a6da1f5340a805ebef58a2d763222c23ebd7a2fc7988533f5
SSDEEP

768:TQWi4IIRuSGdA+thZA8YBVsk0lYxao+jNE9tST24e96vZji+Tphz81lIdsDutU:TQWi4IIRHD+tk8W70sgNE9tSb/ji+jQp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4580f0c6243290ac120b906d71569a7f_JaffaCakes118

Files

4580f0c6243290ac120b906d71569a7f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

506a94a788a0af93cca507c4a5a83b10

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetCommandLineA
GetSystemTimeAsFileTime
GetCurrentThreadId
GetModuleFileNameA
GetModuleHandleA
GetTickCount
GetLastError
GetVersion
LoadLibraryA
CreateDirectoryExW
SearchPathW
AllocConsole
WriteFileGather
FoldStringW
HeapReAlloc
CreatePipe

msvcrt

_vsnwprintf
_stricmp
_wfopen
wcsncmp
atol
_vsnprintf
wcscat
_beginthreadex
wcsrchr
_exit
_wfullpath
malloc
time
_wctime
fseek
_wsplitpath
free
bsearch
iswctype
strncat
_getcwd
_initterm
fclose
memset
strncmp
rand
__p__fmode
fprintf
__getmainargs
strncpy
_snwprintf
strchr

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.int
Size: 1024B - Virtual size: 835B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ