358f3b9106df8b347dd16c27b41273e7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

358f3b9106df8b347dd16c27b41273e7_JaffaCakes118
Size

115KB
MD5

358f3b9106df8b347dd16c27b41273e7
SHA1

4953a7027473c7960d57e538ee5f4d45d599bfd6
SHA256

3fd07613451fd038ac13ae8ea6251b1844d3bf7afcbd8658bbb342ed910bad4f
SHA512

a2764a61b7c7a1beaf34e1aa8f623a57c3ad41a265f90efcb248914409752d0b552f92d79be64bc7f6408c3df7b0e08ae767c48a5b1c94a4a30acc04b619b172
SSDEEP

3072:RtGb0LI9MCEam4Cu1W9YnHXAalPgs+8H:HLI9MCEd4zW9Y7lPgEH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
358f3b9106df8b347dd16c27b41273e7_JaffaCakes118

Files

358f3b9106df8b347dd16c27b41273e7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9ebdc29c844738c32e3902e2325df8d3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetCommandLineA
VirtualFree
Sleep
ExitProcess

Sections

.text
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 171B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ergerg
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ergerg
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ergerg
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ