3bf81e866480062886265f0adb9ff7fa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3bf81e866480062886265f0adb9ff7fa_JaffaCakes118
Size

12KB
MD5

3bf81e866480062886265f0adb9ff7fa
SHA1

c56b2828343e1501db59f537079c6969ef22cd4b
SHA256

c231f9d52e95d2ad7d04da2d8d72750052cd045d4a2771fa87b0ab3c6f195e9e
SHA512

fdeeb49770a90fa206da7f05c6001081df6d1ee06efbed81264e09e7f9f577a3511592911000acb2d613932b7d2c26df52bbec680c1a399b423b5b7598d98963
SSDEEP

384:ZwgNTLQDlB7eE/VM9X7FrH5yYYpq4/WNa+WV:ZwayBazsYrq1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bf81e866480062886265f0adb9ff7fa_JaffaCakes118

Files

3bf81e866480062886265f0adb9ff7fa_JaffaCakes118
.exe windows:6 windows x86 arch:x86

8948e949ab23392b6ab0281cadf605d2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

CharNextW

msvcrt

exit

atl

ord16

ole32

CoUninitialize

vdsutil

?VdsTraceEx@@YAXKKPADZZ

Exports

Exports

??1CVdsDebugLog@@QAE@XZ
?m_NoDebuggerLogging@CVdsDebugLog@@QAEHXZ
?m_TracingLogEnabled@CVdsDebugLog@@QAEHXZ

Sections

.MPRESS1
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE