3c168469ed7d5d2ca8c20534d8278578_JaffaCakes118 | Triage

Sharing

General

Target

3c168469ed7d5d2ca8c20534d8278578_JaffaCakes118
Size

77KB
MD5

3c168469ed7d5d2ca8c20534d8278578
SHA1

7318520b6aa027d6f16d530de40e50697cc6b894
SHA256

4aec794958f812e61fb4a79efd07757b938f332b45638477280ca0942f15571f
SHA512

f60ebf49d2aa1ac038d8ecdae0678bd44bbdd14d44cf0d1c3729ab71444fd7cab9929db79957e33b132e782653c55dabf3b8cc02676a0857c4c0dc1eccce4c8a
SSDEEP

1536:jXy0nti2cJX8K3NdiqKfPBlkkGquuZlZ/EFG9qsWG+2WQ9MS7IPM0h+:jiUcZ9EZfnhGq7N4Gos3aAX0h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c168469ed7d5d2ca8c20534d8278578_JaffaCakes118

Files

3c168469ed7d5d2ca8c20534d8278578_JaffaCakes118
.exe windows:4 windows x86 arch:x86

665a9b0c77a98d63aff0a33b6ae1ccaa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_adjust_fdiv
_exit
_except_handler3
_acmdln
fclose
sin
__setusermatherr
memcpy
strlen
strcmp
memset
malloc
_XcptFilter
_initterm
__getmainargs
exit
__set_app_type
fopen
fprintf
__p__commode
_onexit
free
fwrite

user32

GetDesktopWindow

kernel32

GetModuleHandleW
GetStartupInfoA

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ