3864cf6ccfbac1db8b03cb87d51a07bb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3864cf6ccfbac1db8b03cb87d51a07bb_JaffaCakes118
Size

340KB
MD5

3864cf6ccfbac1db8b03cb87d51a07bb
SHA1

34416bcb9f0da15df61b8bb40b8ba634e33b699a
SHA256

5599832a885c95d487b92f88bc9b0ec689907c217b88d28fa107822a629504f4
SHA512

868dc6c98dd8e5614eb8efc38338ffae41acd21a4a22d2fc10fad3fcfab0474697bc9a8acfdae3f7ed7de81d99068d4f5f6f28f57a298535b5b6b4db304f59ab
SSDEEP

6144:ZvMoCtHE5Ul7DXE8D/g6e945oe5E+Y0254RajPPzVB5g:9GHE5UlvXE8D/gx6oQncvVB5g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3864cf6ccfbac1db8b03cb87d51a07bb_JaffaCakes118

Files

3864cf6ccfbac1db8b03cb87d51a07bb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4d31f5df0432501215d42d9a9f23b79d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
VirtualAlloc
VirtualFree
VirtualProtect
LoadLibraryA
GetProcAddress
SetFilePointer
GetModuleFileNameA
GetModuleHandleA
GetEnvironmentVariableA

user32

SendMessageA

Sections

uudXRSFN
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Grgvwxcy
Size: 4KB - Virtual size: 566B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

oTEetxNJ
Size: 280KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

itTTTQiS
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

aRpGmNbT
Size: 4KB - Virtual size: 579B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE