9ee2d40217261f1bf12969677cb0a5b6_JaffaCakes118 | Triage

Sharing

General

Target

9ee2d40217261f1bf12969677cb0a5b6_JaffaCakes118
Size

68KB
MD5

9ee2d40217261f1bf12969677cb0a5b6
SHA1

5e25b27899e42e99cdb2b147dae1d48850cc878f
SHA256

b0b967f7c9262851732a938c9689d6928777a542a26a27ab34b25fc1ef8677cb
SHA512

099372e858842afe69b7b3ca8aad74ed5835c2fe7ac967b0150aaae36acb5b4426d6afb52569af911308979318dcc2dcf605c215673058535e353b072c79a890
SSDEEP

1536:x6RXs3kY2JwfO0t8HVtolv7xqCUbSVjFa4tbuWgUwo4km:4p8I4eu7eGVJa4BuJ8m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
9ee2d40217261f1bf12969677cb0a5b6_JaffaCakes118

Files

9ee2d40217261f1bf12969677cb0a5b6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

644aa57ecb89860f8d1723b87868c48b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
lstrlenA
GetModuleHandleA
GetStartupInfoA

msvcrt

_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
malloc
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__setusermatherr

Sections

.rdata
Size: 1024B - Virtual size: 526B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ