3cc70b9ea917359a44b5eb9402d2876d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3cc70b9ea917359a44b5eb9402d2876d_JaffaCakes118
Size

161KB
MD5

3cc70b9ea917359a44b5eb9402d2876d
SHA1

8ed8be24fb5fa06bf8b53f399c77501b816bcb5d
SHA256

3975d754ddc63d9e95ca1a4e13ac1fc412ea3d84c24f33f439bf648ebda70d74
SHA512

9d74cc20aee8570233e7988a13c4d91c6297b4f45fc1f8c7834a1ab1a23f71d2454004b945ebb9f613080383e64b1d23543b11ce9f56c8250bea0e15a86a3786
SSDEEP

3072:7D6WQ42O4iaVqM/WhE+7EvIAK18sexATGN7FHHZWeyiX4ZoeuscQNoiCT:7DnQ4XVM/WhE+7mtsbTGNZHHZ7X4Zoek

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cc70b9ea917359a44b5eb9402d2876d_JaffaCakes118

Files

3cc70b9ea917359a44b5eb9402d2876d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0931e97555ac33eb10aa9539fe890070

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
GetTickCount
GetModuleFileNameW
SetEnvironmentVariableW
GetSystemInfo
VirtualQuery
GetLastError
MapViewOfFile
CreateFileW
CreateFileMappingW
UnmapViewOfFile
GetFileInformationByHandle
CloseHandle
VirtualAlloc
VirtualFree
GetModuleHandleA
GetFileSizeEx
GetProcAddress
LoadLibraryW

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

PACK
Size: 144KB - Virtual size: 380KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE