3c46b4751326cd26e6304332592a6f91_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3c46b4751326cd26e6304332592a6f91_JaffaCakes118
Size

321KB
MD5

3c46b4751326cd26e6304332592a6f91
SHA1

203eabdb452fc46ebb692226740bfe043fa76fde
SHA256

3ad35ef93ea4dfa11de1b3b79e539cdd6fadddd042599b3b50ea6587e4f7e9ef
SHA512

a58257d25b3a56134b953c4582ccbfb87aa730af2e0e2c1e7d9af0befae5ee37170b3f854184f9ba22d07c32a3e131529c9e7b328cebbedd62e672aebcee4098
SSDEEP

3072:DI9DLp4fh/4MPMPdjQ1ILj8C2YNGsfJyVWf1xEwrXThB7194OaQytCLOTgfYdEbP:sNdYkVjjDsSxEqr7wtC6gQ4Ysrdcqv5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c46b4751326cd26e6304332592a6f91_JaffaCakes118

Files

3c46b4751326cd26e6304332592a6f91_JaffaCakes118
.exe windows:4 windows x86 arch:x86

148bf55ceb3e5471ef5f9ffc2bb75e2f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
LoadLibraryA
VirtualAlloc
VirtualFree
VirtualProtect

Sections

.XComp0
Size: 282KB - Virtual size: 824KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.XComp
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE