31d3ba984f03242896a672b341462f46_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

31d3ba984f03242896a672b341462f46_JaffaCakes118
Size

123KB
MD5

31d3ba984f03242896a672b341462f46
SHA1

b789a3a9947f7a9822dd27ecaad72dd3f5f16fdf
SHA256

bf078b7d62672442bbcac6bb00844a87259196e0ef58932b684c160a051d564e
SHA512

462436750a58aede5018ccdc094c89ff55fa3493b7129895e49db1cd8c12efe07ea171088682896d64c18ebc147250e6525c4b6aadb113d221686d7f94a3984e
SSDEEP

3072:j3tQMUQ8mYkwLYQsucPNGgR0IZgjDSiga4YVYOj+3:j3zUQ8mYkxucFG8d3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31d3ba984f03242896a672b341462f46_JaffaCakes118

Files

31d3ba984f03242896a672b341462f46_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5832b2c874f0ce552fe6a0db69a20282

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__p__fmode
__set_app_type
_except_handler3
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_controlfp
_exit

kernel32

FlushViewOfFile
OpenProcess
LocalLock
GetPrivateProfileIntA
TlsSetValue
VirtualAlloc
GetModuleHandleA
GetStartupInfoA

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ