55574ed4e78e533f80fe87eb308d6a07_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

55574ed4e78e533f80fe87eb308d6a07_JaffaCakes118
Size

129KB
MD5

55574ed4e78e533f80fe87eb308d6a07
SHA1

bea524e382c48de6bf39888dbeeb75893cf529b3
SHA256

dda9f3f41aea257b8b91736a59424615cbc12b5d72eec0f5ab1053d88469ffd2
SHA512

6bcaec8b4c3ca3f8eebbb3a69ff69cffd19e8ff8e4a4e486eda28318223b09dc4660ff8c980576d82400e6b18dfc8ba760004e35d8c6a970466f88e14a111398
SSDEEP

1536:zDK5DA5yp8FANM5BbbQnnydDAr6B0DwldLY0lJZAkbS5qDvmmoBPXOVG7unF:zDK5fp8ngnPr+0AvJZAAS5IToonF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
55574ed4e78e533f80fe87eb308d6a07_JaffaCakes118

Files

55574ed4e78e533f80fe87eb308d6a07_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d2b952728893d552d83f0f2f4e39bd18

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_adjust_fdiv
calloc
_initterm
__p__fmode
_XcptFilter
_except_handler3
_exit
__set_app_type
__p___initenv
atan2
_controlfp
__setusermatherr
__p__commode
free

kernel32

GetVersion
FileTimeToLocalFileTime
GetStartupInfoW
CompareFileTime
VirtualProtectEx
SetEnvironmentVariableA
GetCurrentDirectoryA
GetProcessHeap
SetThreadLocale
GetConsoleOutputCP
FlushFileBuffers
RtlUnwind
GetThreadLocale
GetSystemTime

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 790B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE