38a6b2eefac4e57637bb2e44b9cffde9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

38a6b2eefac4e57637bb2e44b9cffde9_JaffaCakes118
Size

2.8MB
MD5

38a6b2eefac4e57637bb2e44b9cffde9
SHA1

6a70306ce7a2d11db10e3a82946398904d9da782
SHA256

c75f44e37142b6786085e796cff1923572b05d06c30a66ea5409c1221d70dfe5
SHA512

df3ea78d3f90086a3887a35fb30374452f08a20765d5790860a005b564e8e30ee526dd7c73b74bfb581df01b0880a86e8a228824476019159a836680e3416705
SSDEEP

49152:WR4J9f6sDZ8YqWS0uO7lPWJy/qevGw1L8Y39bQxpNpqwzLnIqG4HbqLO0xb/WQJ+:i47DaYqWvthPWM/rvG8L8YNb2J847qyx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38a6b2eefac4e57637bb2e44b9cffde9_JaffaCakes118

Files

38a6b2eefac4e57637bb2e44b9cffde9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f07973c962ce45b7c97e86a576be2f74

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32 kernel32

GetActiveWindow �B2

Sections

.text
Size: 2.0MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 768KB - Virtual size: 768KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ