3050b87ea2942d032334a9f5df3eac6c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3050b87ea2942d032334a9f5df3eac6c_JaffaCakes118
Size

205KB
MD5

3050b87ea2942d032334a9f5df3eac6c
SHA1

c3efe066165e0c990c949232ccfe57c27d7756a8
SHA256

67e48b708c4a54c31b1799c05ea567207b10609826e942b09eb4a9aec7120d4b
SHA512

614437bf1c25ab3bb85d970c314ec5091d2dce86bed3e66a9f431a4471d3a2c24d35b773738112a49e76ab0ad5a5e1bc5ebffb369d33c54fe5192ddd93794ca1
SSDEEP

6144:hQx5Kqs4V3jgujNxzwsZ3iq6Z7JUi6oexkO4jaIKoP:hKKa3j/WPUiqmVj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3050b87ea2942d032334a9f5df3eac6c_JaffaCakes118

Files

3050b87ea2942d032334a9f5df3eac6c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b3c92d697d8060ad13fead91b6da0b66

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmAssociateContext

kernel32

SetProcessPriorityBoost
TlsSetValue
SetLastError
TlsFree
EnumResourceTypesA
ExitProcess
InterlockedIncrement
TlsGetValue
GetStdHandle
TlsAlloc
GetLastError

ole32

GetHGlobalFromILockBytes
CoTaskMemFree
StringFromGUID2

Sections

.text
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ