3e8ae4854c6707f19f549e113a4b1a78_JaffaCakes118 | Triage

Sharing

General

Target

3e8ae4854c6707f19f549e113a4b1a78_JaffaCakes118
Size

1.1MB
MD5

3e8ae4854c6707f19f549e113a4b1a78
SHA1

50c46dc1473fb3228bac47c92ccc22302479c8f3
SHA256

d580dd2d9a7684d3ad51e9c01ad384204a5b931679aa2d5286323a12958ae282
SHA512

a6218e287c85c0375b5f55ade651ae9bbc33be0e9233f88b05d1dae87b5ae9712d2889c117fab0dcf32108914d7df545203289ceb3735ba1cd170e512cfc51ee
SSDEEP

24576:85LlfAj8jjCzbl6as+7oR+8AKsnT+s/oC0yJ0qtK6QWJfXU:8FlpXK0a6+8UjQsiXJY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e8ae4854c6707f19f549e113a4b1a78_JaffaCakes118

Files

3e8ae4854c6707f19f549e113a4b1a78_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4031c5d066c7b964d0bd55c9833a517f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

_exit
_lsearch
__setusermatherr
sqrt
_iob

kernel32

VirtualProtect
GetCurrentThreadId
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentProcessId
SetCurrentDirectoryA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 909KB - Virtual size: 909KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 188KB - Virtual size: 631KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ