3313cf43a435a301b8d958e1581ee334_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3313cf43a435a301b8d958e1581ee334_JaffaCakes118
Size

20KB
MD5

3313cf43a435a301b8d958e1581ee334
SHA1

5725321a62ee76654c5d55f8e1a4e43481dad03f
SHA256

deae602950891ac60fd5706d8cc5d4983bb296fee1e491ed0f2d256a8cdc81d9
SHA512

8c1bd4bc0cc45bbd0430febb3a7f0dfb37b3e670bae10ccb3ffd114d37f913d5ae92ddde1ffbdcd604741c1fde0be52ca307b06c9e47b7d0b4d430c65f7d5cc6
SSDEEP

384:6qeLQuDg5PPukx+2kUbX5ViLoiEYl2mZ1E/0ZGwO8jp:QLfsPDx+2BXkoMl2mvA0ZQc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3313cf43a435a301b8d958e1581ee334_JaffaCakes118

Files

3313cf43a435a301b8d958e1581ee334_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6bf3961f891f001e1158ff319720988d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapDestroy
GetLocaleInfoA
lstrcpyA
FatalAppExitA
IsValidCodePage
LeaveCriticalSection
SetEvent
HeapReAlloc
GetDateFormatA
ExitProcess
OutputDebugStringA
MultiByteToWideChar
SizeofResource
InterlockedIncrement

msvcrt

_getcwd
_adjust_fdiv
strtol

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE