fc3372ce30eb043d82e4d747e36285d4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fc3372ce30eb043d82e4d747e36285d4_JaffaCakes118
Size

1.8MB
MD5

fc3372ce30eb043d82e4d747e36285d4
SHA1

d39818aefd4fe5059a5ed85716efa9851263afc5
SHA256

252cea8c7f7c3b6b78a66c9afb1289b680a2cfeeb5ce8fc66973ba37c095061a
SHA512

8268bacdbf12d6d8620f4bed124f6837ed7b3d47a4f6d5a32e5bde3b283135a2df4a93de7b03459dd30a30a5e1d8f600996a84c6303f713953c35e915f83c308
SSDEEP

49152:h3uL6pqCssPN6zvvZet7niGNDI3drGmCKOwZ:XS3MTzNDIoLKfZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc3372ce30eb043d82e4d747e36285d4_JaffaCakes118

Files

fc3372ce30eb043d82e4d747e36285d4_JaffaCakes118
.exe windows:6 windows x86 arch:x86

c4c681967a192797d18bf3b5463f04b2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteProcessMemory

Sections

Size: 127KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rsumpiyc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

flzfxrda
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE