3bc355f5cfb591192063e3090a286e98_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3bc355f5cfb591192063e3090a286e98_JaffaCakes118
Size

270KB
MD5

3bc355f5cfb591192063e3090a286e98
SHA1

7fc18a871e18344484549d5987db7574523cd595
SHA256

f4188d79c686590f8422984f541f19408bdae208f06c832e932c9e41e8e862aa
SHA512

e7c14dd1a546547a183d9f5c9eaa025be05d9c1ef4325954dec2971a8892cf4d7e0ab4bb39351a82b45965b368adbefb80ad816348d61646d265752cf13d9327
SSDEEP

6144:VYK6CelYy8GlTUfKJ4QggzriFp0oFWZWtBXDmZ5g:VYK6CelYy8GlTUfKJCgzriFBFW8bDmZe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bc355f5cfb591192063e3090a286e98_JaffaCakes118

Files

3bc355f5cfb591192063e3090a286e98_JaffaCakes118
.exe windows:1 windows x86 arch:x86

03ea7fc56e6811f80fc2dd1454ff7f4c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileA
ExitProcess
ExpandEnvironmentStringsA
GetFileTime
GetModuleFileNameA
LoadLibraryA
SetFileTime
WinExec
WriteFile

user32

MessageBoxA
wsprintfA

Sections

.code
Size: 266KB - Virtual size: 266KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ