3720391a460cfa9916fb3b2056eded1f_JaffaCakes118 | Triage

Sharing

General

Target

3720391a460cfa9916fb3b2056eded1f_JaffaCakes118
Size

305KB
MD5

3720391a460cfa9916fb3b2056eded1f
SHA1

68d12fe6b22dbf3e7aacc6fe43ac9313e7571fae
SHA256

10054884e46930891d3ba05fb895b32982861582e014755b5193ea681876d25c
SHA512

9c49f065685dd13b14c3538c1b532120e87a5ae033944f9a521a56689dec8aa73b1cd87201f758ce0376719a32344bd911be4ce89b4977ab666714fbb8fce062
SSDEEP

6144:9Inpjftn4BA09IlXiz3mlUIdWt5qtA/1w/dw/8RNuRYvJAPpAvU1BS16d1QfdQ/J:96jf66IWCEDMt5qtA/1w/dw/8RNuRYvm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3720391a460cfa9916fb3b2056eded1f_JaffaCakes118

Files

3720391a460cfa9916fb3b2056eded1f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1020172d9f26d04728d7a1d6bbe49341

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
strstr
strlen
strcmp
memcpy
malloc
free

kernel32

GetModuleHandleA
HeapCreate
VirtualAlloc
HeapDestroy
ExitProcess
CreateFileA
ReadFile
HeapAlloc
WriteFile
SetFilePointer
HeapFree
CloseHandle
DeleteFileA
GetFileSize
HeapReAlloc
FreeLibrary
MultiByteToWideChar
WideCharToMultiByte

user32

CharLowerA

Sections

.code
Size: 512B - Virtual size: 494B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ