JaffaCakes118_4ff7fb51b1cff9b8ebacefce76033a30 | Triage

Sharing

General

Target

JaffaCakes118_4ff7fb51b1cff9b8ebacefce76033a30
Size

137KB
MD5

4ff7fb51b1cff9b8ebacefce76033a30
SHA1

7fa91811ff8f5af97516dfb6a1ea61f607c04534
SHA256

b4ca4ce4db26316e737e322102531e502b257344528f6b68cf97b19d92f2f511
SHA512

deb63daef0f896675f903727f5c0273ae4452b6f4142cd4b4d8153f76a34ccda5ec71a799044c7e017f84430df1d9e4299ff73504baff4fc573b7d2ac655852b
SSDEEP

3072:WQhZkOLfuDg0PtOqzKONqsEykRLSDuoBy5AlBu2K2rtNtJAb0:EOFStZzKqqsE6JB3gr2rFp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_4ff7fb51b1cff9b8ebacefce76033a30

Files

JaffaCakes118_4ff7fb51b1cff9b8ebacefce76033a30
.exe windows:4 windows x86 arch:x86

056d9b9e4e4d0b94131b46fe91becf14

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetProcessHeap
VirtualAlloc
Sleep
VirtualProtect
VirtualFree
GetProcAddress
LoadLibraryA
IsBadReadPtr
HeapFree
FreeLibrary
GetModuleHandleA
GetStartupInfoA

msvcrt.dll

memset
realloc
free
??2@YAPAXI@Z
memcpy
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
??3@YAXPAX@Z
strlen
_stricmp

Exports

Exports

Hai
wuhen

Sections

DA[hO[yv
Size: 725B - Virtual size: 722B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

o2U++PA&
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

)i6l@'1U
Size: 43KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ