3f08d85095e080bdefe3bfdbf1fcef1c_JaffaCakes118 | Triage

Sharing

General

Target

3f08d85095e080bdefe3bfdbf1fcef1c_JaffaCakes118
Size

277KB
MD5

3f08d85095e080bdefe3bfdbf1fcef1c
SHA1

f9d8b53a5ff85d708e0519dff388b64239d6d1e9
SHA256

8b27b807a986f0fc764575d312bf6ec329a5ec8f4e56a1b0f3f7e5860bd90794
SHA512

e45e2ff2a4d66704413a4d1a7cc9e4235dc2f7fc8e28faf2fe008bfb1cc14591fbbf49ee8b1fa31dcf98b9226aa0f48e134d73f1bb6378f657610344d66aa204
SSDEEP

6144:+SU08xVyLq945seqmXCrlNHmlsbiGDf/0ukz0DYZO:rP8x4Lsj+Crl5mlsVIy0O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f08d85095e080bdefe3bfdbf1fcef1c_JaffaCakes118

Files

3f08d85095e080bdefe3bfdbf1fcef1c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5aec9e40d30bdc3d344ae2e587c69518

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
GetProcAddress
LoadLibraryA
UnmapViewOfFile
VirtualFree
VirtualAlloc
GetLastError
EnumSystemLocalesA
GetSystemTime
GetModuleHandleA

Sections

.text
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 318B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ