3ba2243299684b11205e206ebdc430b1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ba2243299684b11205e206ebdc430b1_JaffaCakes118
Size

66KB
MD5

3ba2243299684b11205e206ebdc430b1
SHA1

4816cc2df9f5624f869ece923d257bcc4ac19ced
SHA256

fb1771ed84b67af5f5b2b49933525a4e89c4f4f1ac3ed412f4121b85b02611c5
SHA512

27ffdc02f180a154f63f3fea7567650e032d6243be6dc51f721b69c8df88b634b738d75010d53238e57c9f2f1cfc0fa9aba45e48fcfc9374ce36be69fc603cad
SSDEEP

1536:3QJghZJ/dxj2+RxsoFkOXlqsGF3bXV0tebvwIBGcG9iPqJxxVfBd:3fp68tKOXwTLPG5iPG1fL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ba2243299684b11205e206ebdc430b1_JaffaCakes118

Files

3ba2243299684b11205e206ebdc430b1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

034cf8146aef0c9493e4b0bb9bcf8525

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

PrepareTape
TerminateProcess
GenerateConsoleCtrlEvent
CreateHardLinkW
LoadLibraryW
SetConsoleOS2OemFormat
GetProfileSectionA
GetConsoleNlsMode
WriteProfileStringA
InterlockedIncrement
LockResource

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE