3399e6f55484c4accd3c0f4d569eacd9_JaffaCakes118 | Triage

Sharing

General

Target

3399e6f55484c4accd3c0f4d569eacd9_JaffaCakes118
Size

183KB
MD5

3399e6f55484c4accd3c0f4d569eacd9
SHA1

9ac3a5a183e02b0c4ef82fecab88b0e5e6200008
SHA256

33399a9dc4fa107e70d58d64df7ae84cf52b267588b5f35b2bd908d4a2e18b31
SHA512

2560b85f359d26e2cc37593ee073fbc0a8524a8003f873464d6154ea024c57cc5e180412d3ce84d5bd59ee762f78dc3c5eede43ec49e473f6bcd8c0d33611661
SSDEEP

3072:hYV5BKtyJp9bDCzeZ2rlx2PVvrB7FzwgnyTwOo/kPs3/Bs/ZN9Ps9fd9AX:yVPK0j+eZ8yTBOgnyTtPis/ZsA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3399e6f55484c4accd3c0f4d569eacd9_JaffaCakes118

Files

3399e6f55484c4accd3c0f4d569eacd9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8bf6ee1efbdcd482f7ba9aec5c5e0c7c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

advapi32

GetSecurityInfo

wsock32

WSACleanup

comctl32

ImageList_Add

gdi32

BitBlt

user32

ActivateKeyboardLayout

ole32

CoCreateGuid

oleaut32

SafeArrayCreate

Sections

.text
Size: 175KB - Virtual size: 532KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE