3f467e9118703183b02c0436c9dc20f8_JaffaCakes118 | Triage

Sharing

General

Target

3f467e9118703183b02c0436c9dc20f8_JaffaCakes118
Size

122KB
MD5

3f467e9118703183b02c0436c9dc20f8
SHA1

716572f1cee54b8db7c349727b88fcb7d6010a83
SHA256

1d2a648a224c2ce5248dc39ebdfd17473ce56eb6a171452c559f5ac8f06d7915
SHA512

c760dba1998b64cb9fa5140c279584758ccc97bbefad351c18ce1ef5f7f2a820de8f553fe329a8f2883c21f07c5fd42d524cbfc8049e607a409279e86f83056b
SSDEEP

3072:UVuOqL8tpPdwL80ORJeB/NWn/sJaI7YRVzpEyZhc8ed:fLCp1w70aE/sJaI7YR/pZQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f467e9118703183b02c0436c9dc20f8_JaffaCakes118

Files

3f467e9118703183b02c0436c9dc20f8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f188a558d19175303308624bd0c10947

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetModuleHandleA
FreeEnvironmentStringsW
CloseHandle
GetLastError
GetThreadLocale
GetProcAddress
FreeEnvironmentStringsA
VirtualAlloc
LoadLibraryA
GetEnvironmentStrings

user32

GetMessageA
TranslateMessage
DispatchMessageA

oleaut32

VarBoolFromDec
VarRound

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ