3d305a072bd962840c572f5c2a7879ae_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3d305a072bd962840c572f5c2a7879ae_JaffaCakes118
Size

24KB
MD5

3d305a072bd962840c572f5c2a7879ae
SHA1

6bc1ee8144a7676a452d878a3149f3a7b3ef7ef1
SHA256

638110a138afcadc7ae5b941c3b615d2fa2885212ad843b2305fb25c01bb99ef
SHA512

58f1ee1adcf7f2a943520ebfed1f369b6e2802ce7ca7cb591cc3986b30c1fc68ec3e1e7748d72ed93fabdb002a88e0d512dd4404007c57341fdd54478f03f8f0
SSDEEP

192:r5raQ2N6RrN+lKQwN5vRFX6RycIP1oyba3QhYwOiVKQ9Z1:Re4Rslx2fKRn+19Cw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d305a072bd962840c572f5c2a7879ae_JaffaCakes118

Files

3d305a072bd962840c572f5c2a7879ae_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6a238fc0346c570361d1a42281034298

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileA
DeleteFileA
CloseHandle
WriteFile
CreateFileA
FreeLibrary
GetProcAddress
LoadLibraryA
GetWindowsDirectoryA
GetLongPathNameA
GetTempPathA
CreateProcessA
Sleep
GetModuleHandleA
GetStartupInfoA

msvcrt

??3@YAXPAX@Z
sprintf
rand
srand
_except_handler3
__CxxFrameHandler
??2@YAPAXI@Z
atol
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_access
time
_itoa

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ