384d3ea00676360ea0a9059ad99d3027_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

384d3ea00676360ea0a9059ad99d3027_JaffaCakes118
Size

172KB
MD5

384d3ea00676360ea0a9059ad99d3027
SHA1

3396839bbef59b8ccb73a23df691bbb64a8b7c82
SHA256

89679ee7c3a655cfa123c7fdf7a28427b4547acd7c82e08586b0f2e78eb15100
SHA512

df58d3665c544517f9755d6e74c0c612a21d025f9acdbcf6e5534a0ecdda204a8174a6d307f9857715f1957ae104984c8d647031972d722a103dde6f5d1509ae
SSDEEP

3072:rQbXL2Z3kZYvSnsfkM9OQEBGhG7CjGnc47Unb65EtrSSzyD6LNH:T3mFnqkM4MBGnHonb6CtOEO+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
384d3ea00676360ea0a9059ad99d3027_JaffaCakes118

Files

384d3ea00676360ea0a9059ad99d3027_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3eb17419b9628f807a55878062750268

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrCmpNIA
PathCompactPathExA
StrCmpLogicalW

kernel32

GetModuleHandleW
GetSystemDirectoryA
lstrlenW

Exports

Exports

?CoolerOptions@[SXH_KK]V
?GetImpersunt@[SXH_KK]V

Sections

.text
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xsys
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ