3da2b865989d61b300cb36f8a22831b9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3da2b865989d61b300cb36f8a22831b9_JaffaCakes118
Size

24KB
MD5

3da2b865989d61b300cb36f8a22831b9
SHA1

8a9212cd13995042a7d92759d76df54f244e41a9
SHA256

141be001d4f488b146a350855ab43cf80f0e8370afbfe54fd5bdf89cd27b7620
SHA512

8a79e6d371532aa5219b989135eb619b3aaaa65efe2feb255ec1e498dad5f1802600c1486b4efa49d1bd36814a47367a8ba56d82dcc5058dc650be856e117aa6
SSDEEP

192:JdMo2X0IpRhcySa70LJcTzY3lQWUhC1kzxKmu9Xh8JNP1oy5Ey6Y:J2o2rpRhcyH70LJcfwh871AZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3da2b865989d61b300cb36f8a22831b9_JaffaCakes118

Files

3da2b865989d61b300cb36f8a22831b9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

01b80b4dbe0d78c3565ff076b9b88ecd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetModuleHandleA
GetStartupInfoA

msvcrt

exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_XcptFilter
__p__commode
__p__fmode
__set_app_type
_controlfp
_exit
_except_handler3
free
calloc
_adjust_fdiv

advapi32

RegQueryValueExA
RegOpenKeyA
RegCloseKey

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 628B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE