C:\Installation\Setup\Directory\Setup.exe
Static task
static1
Behavioral task
behavioral1
Sample
9f00532b6824512f8f245cb789c71161_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
9f00532b6824512f8f245cb789c71161_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
-
Target
9f00532b6824512f8f245cb789c71161_JaffaCakes118
-
Size
175KB
-
MD5
9f00532b6824512f8f245cb789c71161
-
SHA1
829de6891ca10c638c9ac075a77b1bf06ca63646
-
SHA256
a22940dcfdf7cf05b6afc69d3fe6441761c96555fbcaed9d8cf006a400435101
-
SHA512
80e79a4ff68bd35bd73bf338410a021787f839ddf8de51f417b88ff0862d30d4b20e3605b53119af933c6cad888a78e4f0016e31202679d9f3f538d417dea30b
-
SSDEEP
3072:wup2r6y7Mz/Ovm0JqoX+GfKfNFIv/b0y4kohJJR0zspPYG4Z+iN60v:wuU2lCmlm+GYNev/b0y5qJJR0zspT0v
Malware Config
Signatures
-
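Unsigned PE (1 IoC)
Checks for a missing Authenticode signature. The PE file is not signed, so its publisher and integrity cannot be verified from a signature; on its own this is a weak indicator, since many legitimate binaries are also unsigned.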
Processes:
resource 9f00532b6824512f8f245cb789c71161_JaffaCakes118
Files
-
9f00532b6824512f8f245cb789c71161_JaffaCakes118.exe windows:5 windows x86 arch:x86
bb5d1acb7a2749c288af292c3c6ab360
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
msvcrt
_cexit
_exit
__p__fmode
__setusermatherr
_XcptFilter
__p__commode
__set_app_type
_controlfp
_initterm
puts
atoi
system
_ismbblead
exit
_amsg_exit
getc
strtol
__getmainargs
mbstowcs
kernel32
GlobalAddAtomA
FindFirstFileW
GetCommState
LCMapStringW
GetShortPathNameW
WinExec
GetBinaryTypeW
SetEvent
SetSystemTime
SetEndOfFile
Sections
.text Size: 140KB - Virtual size: 140KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
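IMAGE_SCN_MEM_WRITE (together with IMAGE_SCN_MEM_EXECUTE above, the .text section is both writable and executable; this is atypical for standard compiler output and is often seen with packed or self-modifying code)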
.txtdat Size: 512B - Virtual size: 367B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ