34e6497c935b6ad6f255be02740b3e68_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

34e6497c935b6ad6f255be02740b3e68_JaffaCakes118
Size

347KB
MD5

34e6497c935b6ad6f255be02740b3e68
SHA1

d69a2ef21c239a5e3a70a0061385a4359530e02f
SHA256

400713e6dba8268fe174406ae6fb2a3c2f06501a279f18906992949ccc69a19d
SHA512

436fc3170187c6ff252a5db01da0a046bdaf03eea731673a830892a4d14cf05e7cfb3c676e1ca56a4c6f6a6e2ad0aef2cb51ae34749cb229e8cfb77fe7d0580a
SSDEEP

6144:8l7t7qzPBNXoFthUC9i5/978mwLv24+C7VHapy31W4E1TbNEC/Zi5fJo8/mb:8l148UC9i5y+Fb4EZN/S/mb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34e6497c935b6ad6f255be02740b3e68_JaffaCakes118

Files

34e6497c935b6ad6f255be02740b3e68_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c1677b92494019eab071555092e5a6b8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetModuleHandleW
CloseHandle
SetUnhandledExceptionFilter
DeleteCriticalSection
TerminateProcess
LeaveCriticalSection
GetLastError
Sleep

Sections

.text
Size: 341KB - Virtual size: 340KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ