34c3598380c9733dc810c68841b21b6f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

34c3598380c9733dc810c68841b21b6f_JaffaCakes118
Size

358KB
MD5

34c3598380c9733dc810c68841b21b6f
SHA1

6065a597f35f9b55e9df90bd6506d6b384045044
SHA256

3e040cb353798a12eb1a63d25a8ee63457db036d2cb71048278944e2e56e4fe7
SHA512

9b7311923995db089009d05704075d41e7f8d2bfc860346eb123d9dd7d9a8cb4e12fd7238cdda055f654d47b297bf8420174be08d8e38eeab131f83e76f179e0
SSDEEP

6144:9apb2UFYTdgv9xrT/FFw85YMlOG/XPpcQcyDbujpfYzsK1M/mcV35uElo2ER86Oc:Uh+pgvzH/GenZcQ1QYz3g5H5EaU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34c3598380c9733dc810c68841b21b6f_JaffaCakes118

Files

34c3598380c9733dc810c68841b21b6f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e31da9913b579477f2a01abc7b830faf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDebuggerPresent
FreeLibrary
GetProcAddress
EnumCalendarInfoA
LoadLibraryW
WideCharToMultiByte
DeleteFileW
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
GlobalLock
GlobalUnlock
GlobalAlloc
GlobalFree

oleaut32

SafeArrayDestroyDescriptor
GetErrorInfo
VarFormatNumber
SetErrorInfo
GetActiveObject
VariantInit
SysFreeString

msimg32

TransparentBlt

Sections

.text
Size: 248KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE