3cf096d5799ee69fb40b3b255fbc45fb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3cf096d5799ee69fb40b3b255fbc45fb_JaffaCakes118
Size

42KB
MD5

3cf096d5799ee69fb40b3b255fbc45fb
SHA1

fa32b2a8e4c1a16e811be48b0f7cf8cecc64b5c5
SHA256

065233bdfeed22d2139d63adf50f03bf94744d7ef1104743b210a647d2be7c14
SHA512

496cf8d44c6c69ca16ecf74d4485451abcf747d29f7ad41701c95d4842dbba0d0a0a49e0430ff5a6aa62839aa33c8c06b7c07d8a6db5291227fa862a2f727343
SSDEEP

768:Ct+V4GlSLQv38Bqpu3D8SQuy/KxlR4JZEfJkgt3wJvwf+6e3ih:CTLQv38coz8Fb6Jk0wRwjeyh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cf096d5799ee69fb40b3b255fbc45fb_JaffaCakes118

Files

3cf096d5799ee69fb40b3b255fbc45fb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6cffdb8e7ad8c4be09ae2d0b1ee32146

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumResourceLanguagesA
ExitProcess
FlushFileBuffers
GetACP
GetCommandLineA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetVersion
HeapAlloc
MultiByteToWideChar
SetLastError
SetUnhandledExceptionFilter
Sleep
SleepEx
UnmapViewOfFile
VirtualAlloc
VirtualFree
lstrcpyA

msvcrt

__p__commode
__set_app_type
_cexit
exit
free
isdigit
__getmainargs

ole32

CLSIDFromString
CoCreateGuid
CoCreateInstance
CoGetMalloc
CoGetObject
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
StringFromCLSID

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ