Static task
static1
Behavioral task
behavioral1
Sample
338d357e7e99bd6dea7bf636c0d72b69_JaffaCakes118.exe
Resource
win7-20240705-en
General
Target: 338d357e7e99bd6dea7bf636c0d72b69_JaffaCakes118
Size: 1.3MB
MD5: 338d357e7e99bd6dea7bf636c0d72b69
SHA1: 806342cfbe20c356477b985253c93e70c4f907dd
SHA256: 3407911572d105ad9ac5054b6a76c0dafb09f5d51ddd10a8d84bac3b57bb9a79
SHA512: 3f83a089c0bb5c118fe78d444484b8f83812eeb3737e14989b0f85dec61e67a3402d236b8fbb63ac83b78c5e060f083073b95b592b6254b16db302745bf5272b
SSDEEP: 24576:nF+tZesCoeRtrPSbumKo1CWrClkaeDoeFn5HWiD3SXEa:nMqBpRBPmnCWO8i
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 338d357e7e99bd6dea7bf636c0d72b69_JaffaCakes118
Files
338d357e7e99bd6dea7bf636c0d72b69_JaffaCakes118.exe windows:65535 windows x86 arch:x86
b2139e957979efd154fabbf121396023
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
LoadLibraryA
CreateFileA
VirtualProtect
GlobalAlloc
VirtualAlloc
GetDateFormatA
GetLastError
msvcrt
__p__commode
_adjust_fdiv
__p__fmode
__setusermatherr
_initterm
_except_handler3
__set_app_type
Sections
.text Size: 60KB - Virtual size: 188KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 5KB - Virtual size: 8KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsr1 Size: 22KB - Virtual size: 22KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE