3cb648a43f3944931c19d0591c2282d7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3cb648a43f3944931c19d0591c2282d7_JaffaCakes118
Size

313KB
MD5

3cb648a43f3944931c19d0591c2282d7
SHA1

242b482fa19bfff3cc100d1d93701703bac0f517
SHA256

54b47d444fa9946c3411c882dc3e24a821ce3444adc3b24f842f6db39d332048
SHA512

67a429f4d7ef996c3fd5c6081aea08123e4d8b3e3351d7d82a8b37a14ef06bedd34e5989ae39c3fdfd919c826308fb67270444a39349db8e3ac37caa1b012617
SSDEEP

6144:S5IsfL9g+8CeJIGHWqtE0bx9hflNs19MTEbeeDrs5GFwquE++3mh6q:EIsfxKx3EYPOKYKeDrZxuE++2ht

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cb648a43f3944931c19d0591c2282d7_JaffaCakes118

Files

3cb648a43f3944931c19d0591c2282d7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6e1f282449492d5fc7a87e6f1c3ced5d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LocalAlloc
LocalFree
GetProcAddress
ExitProcess
LoadLibraryExA
GetModuleHandleA
VirtualFree
VirtualProtect
GetModuleFileNameA
VirtualAlloc

user32

wsprintfA
MessageBoxA

Sections

.data
Size: 300KB - Virtual size: 836KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 5KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_rsc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ