JaffaCakes118_13e84565dc33e8c7e3019bc35d69a856 | Triage

Sharing

General

Target

JaffaCakes118_13e84565dc33e8c7e3019bc35d69a856
Size

503KB
MD5

13e84565dc33e8c7e3019bc35d69a856
SHA1

8b899f80e741e5a8f381b1a4fe7e7bd8148c54e6
SHA256

7348fd8e3460e177c360e972091b870ecbb9d2b12fd2356c92311b765c701257
SHA512

9d745e2142b7f06124fe240e8ff7e4f27c0eaf63092be48d945c77811f1e19fc92e0095f721592f8b331de5c475563f8c0d51d4ff5ff0db834269a705707fe79
SSDEEP

6144:zgqXLAMGmC7FWaWH7hGc4Vw/E+V5JCmPg7F9j35Gw70v7K83XbFXXtZAGHrGqaeq:zbL/GmC7EVG3V0lH3PgT1N7c7dJXHl2p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_13e84565dc33e8c7e3019bc35d69a856

Files

JaffaCakes118_13e84565dc33e8c7e3019bc35d69a856
.exe windows:4 windows x86 arch:x86

c5c56c762dcc7da5eba57cbfa46fc23f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

AddAtomA
CreateMutexA
ExitProcess
FindAtomA
FindResourceA
GetAtomNameA
GetCommandLineA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
LoadResource
LocalAlloc
LockResource
OpenMutexA
SetUnhandledExceptionFilter
SizeofResource
VirtualProtect
VirtualQuery

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_assert
_cexit
_iob
_onexit
_setmode
abort
atexit
free
malloc
memcpy
signal

user32

MessageBoxA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 120B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 472KB - Virtual size: 472KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE