3b5d40db19532f7c60c629a1119c139b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b5d40db19532f7c60c629a1119c139b_JaffaCakes118
Size

141KB
MD5

3b5d40db19532f7c60c629a1119c139b
SHA1

1e39c02e1f2625160bf0e1ecd2a7db52c31bb212
SHA256

880582f9c67d64cb68ac96be5ea728964a98b1aac679a0fb72d0fe34e0b5449d
SHA512

d87c786fc625a97be28594aa82bdac57ced2bf232b60a47dd265141c2cca771365c5d16638f796188463f13cac5e7bc03b00fe9d702fad5c967d3d4b05c3f564
SSDEEP

3072:WwiYH2W/cl4ZIXt7wqkg3vmX1H6lmUtUh3cQPHQHs:FH0bIg3EB6lmUtE39HR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b5d40db19532f7c60c629a1119c139b_JaffaCakes118

Files

3b5d40db19532f7c60c629a1119c139b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a7333743ef063a68d1d860bbdf1c328e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LoadLibraryA
VirtualAlloc

Sections

.pelock
Size: 70KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pelock
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pelock
Size: 14KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pelock
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pelock
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pelock
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE