3aa162dff788eb2cd4171f4d68c59bd9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3aa162dff788eb2cd4171f4d68c59bd9_JaffaCakes118
Size

112KB
MD5

3aa162dff788eb2cd4171f4d68c59bd9
SHA1

822096c6c5fb5422a909e97659ed37ab816a7602
SHA256

d4a911e1366d581a80fc1e114d10ec40e63657bc0c9d8342b09fb09d177540c2
SHA512

1d220f4d4537664c93f0526831017c67bea268708f9f6db4054c1df47186f1b47b59e7227bb133a0297ec9f8a45be5cf2adf065bfed389c776611a79caecf6f8
SSDEEP

1536:o5KrLzsqYnq6FoMapn07rKwAnqmewAFLjcX4sSRGQvUmzzoz1sXNlR:oMsFsTcwqI4X0Q8m3oo3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3aa162dff788eb2cd4171f4d68c59bd9_JaffaCakes118

Files

3aa162dff788eb2cd4171f4d68c59bd9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

80f9fdb688ccd288c2e50259acc7b72d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
WriteFile
ReadFile
CreateFileA
SetFilePointer
FreeEnvironmentStringsA
GetTimeZoneInformation
GetSystemTime
GetLocalTime
ExitProcess
TerminateProcess
GetCurrentProcess
GetCommandLineA
GetVersion
HeapAlloc
HeapFree
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetProcAddress
GetModuleHandleA
WideCharToMultiByte
UnhandledExceptionFilter
GetModuleFileNameA
CloseHandle
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
VirtualAlloc
HeapReAlloc
SetStdHandle
FlushFileBuffers
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
SetEnvironmentVariableA
ReadConsoleInputA
SetConsoleMode
GetConsoleMode

Sections

.text
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE