329c0248d2d821ba306c45f466cf39a3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

329c0248d2d821ba306c45f466cf39a3_JaffaCakes118
Size

27KB
MD5

329c0248d2d821ba306c45f466cf39a3
SHA1

c3df0aab9e3af8e3b0cc61c3190f72f17d809670
SHA256

2fdd840343dcc48d352ddf1527e66e8d68ac8515358a445db64ad0a437861863
SHA512

5210c6a89208d459469e563448d51944816a313c33cfa32c0057b41ba021a0500b10206776ee80be0d76c107dbf5b69e3a6ecd5eeb78bb77efac1725d4bda6f2
SSDEEP

768:5ZUgCV1Nt+QLa4AsKqoLHZ+wW6ikiltU9mKp/z:YzV1NsQLa1qCZ+wzIaj/z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
329c0248d2d821ba306c45f466cf39a3_JaffaCakes118

Files

329c0248d2d821ba306c45f466cf39a3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aa00b89c7e6739759570d032e3e04ae3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_except_handler3
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
LoadLibraryA
VirtualUnlock
GetLongPathNameA
GetProcessShutdownParameters
WaitCommEvent
CompareStringA
GetStartupInfoA

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ