540bc13cd4b12867ae1bdc82e3c4287e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

540bc13cd4b12867ae1bdc82e3c4287e_JaffaCakes118
Size

11KB
MD5

540bc13cd4b12867ae1bdc82e3c4287e
SHA1

2d0e68b002901e742cb1ca6fa7a317a43f0127b5
SHA256

ddb543e9bc8d8fc9c3b59a631b3b2ca056f8ad3a1a3d523732098aa9b338cd50
SHA512

dcc0cc2f63060a12f8709f64195f49b42ec8260b758377827eccc3e670242548e24971556d77e667656de834a05fd5abba6ed45d125b718ca2009a5fac2336c3
SSDEEP

192:mV7Uvbvb5ImNG4sVGyOSsgeJZ/k1k8wDyYEvQBGTVIlvmSXt+wbmjOQ918e:mtIvOVGyOSsgc/kcevvOZXG6Q91V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
540bc13cd4b12867ae1bdc82e3c4287e_JaffaCakes118

Files

540bc13cd4b12867ae1bdc82e3c4287e_JaffaCakes118
.exe windows:1 windows x86 arch:x86

a2fff072892d62896160342135dc0a89

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SheChangeDirA
SheFullPathA
SheGetCurDrive
SheGetDirA
SheRemoveQuotesA

msvcrt

??_Fbad_cast@@QAEXXZ
??_Gbad_cast@@UAEPAXI@Z
??_Gbad_typeid@@UAEPAXI@Z
strerror
_CIasin
_CItan

Sections

.text
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE