Static task
static1
Behavioral task
behavioral1
Sample
4633ad2f7d3d2dce27b0c39770266db1_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
4633ad2f7d3d2dce27b0c39770266db1_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
-
Target
4633ad2f7d3d2dce27b0c39770266db1_JaffaCakes118
-
Size
121KB
-
MD5
4633ad2f7d3d2dce27b0c39770266db1
-
SHA1
5b86095a4918d88bb9fbd01c0c1b3c1207bbf60a
-
SHA256
c16f953f09af6e3ccd460fca3c4b70db48d0811129c8f7afebe3de9f74a4784c
-
SHA512
d3e8e603ba5962d07df268f7e7a1906854c2aa9b7736f7f719db0381bda3428671127f624761ca43ca992a61c2bf7470028a81eb050a589b647091955b6bca8a
-
SSDEEP
1536:ju/w+Fvmx0AqPR27GrN16rN4n3v+BWzWBfoRdk4iLpMZptvD5HtbplWfOkPPEQwd:j4H9L2SBINmGBKW9oXbiL2XB98O+pU
Malware Config
Signatures
-
Unsigned PE 1 IoCs
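Static check for a missing Authenticode signature; it matched the resource listed below, i.e. the PE file is unsigned. On its own this is a weak indicator, since many legitimate binaries are also unsigned.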
resource 4633ad2f7d3d2dce27b0c39770266db1_JaffaCakes118
Files
-
4633ad2f7d3d2dce27b0c39770266db1_JaffaCakes118.exe windows:5 windows x86 arch:x86
c35e0885cf49a02a4299529a5326f652
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt
__p__fmode
__p___initenv
_exit
__setusermatherr
__p__commode
_XcptFilter
_initterm
calloc
_controlfp
__set_app_type
__getmainargs
_except_handler3
free
_adjust_fdiv
kernel32
VirtualQuery
GetProcAddress
OutputDebugStringA
GetModuleFileNameW
WaitForSingleObject
GetConsoleOutputCP
VirtualProtectEx
GetLocaleInfoA
GetTickCount
GetModuleHandleA
GetTempFileNameA
GetOEMCP
GetSystemTimeAsFileTime
MultiByteToWideChar
SetCurrentDirectoryA
GetCommandLineW
GetModuleHandleW
lstrcpyA
SetFileTime
GetProcessHeap
GetCurrentProcess
lstrlenW
GlobalLock
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
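IMAGE_SCN_MEM_WRITE (note: together with IMAGE_SCN_MEM_EXECUTE this makes the code section both writable and executable, which is atypical for standard compiler output and is often seen in packed or self-modifying binaries)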
.data Size: 26KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 86KB - Virtual size: 85KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ