3dcbc1336c1dd8fda3d3eef56f6f85cd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3dcbc1336c1dd8fda3d3eef56f6f85cd_JaffaCakes118
Size

58KB
MD5

3dcbc1336c1dd8fda3d3eef56f6f85cd
SHA1

f31dc29e34739363ff241256fbc2723d28aaefc6
SHA256

53acb08d2063feb02ab159b5b0695c1cdf3c443766e3e804fa7607247e9c636c
SHA512

76bf7ff07f12a39eea35183dde3a955b550c123763527ba9428d6438e64862c97dc5a8f7a1d4692f69452ba37a3be2607d94c83b7b3635be765042c5813d3acc
SSDEEP

768:at3tWnO+FNUzK3GwXxIiG/DvmRtOP7pqoQmPURHyL7vTDdHgvqpStpt:a5KOsezK2ix58bmrOP7LMRHyLX1gZvt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3dcbc1336c1dd8fda3d3eef56f6f85cd_JaffaCakes118

Files

3dcbc1336c1dd8fda3d3eef56f6f85cd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4ddb004c5c3f12170a8c81b3c03d2a48

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
GetCurrentProcessId
GetLastError
DeleteFileA
GetFileAttributesA
GetTimeZoneInformation
GetSystemTime
GetLocalTime
ExitProcess
TerminateProcess
GetCurrentProcess
HeapFree
HeapAlloc
CreateDirectoryA
GetCommandLineA
GetVersion
FlushFileBuffers
WriteFile
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
ReadFile
WideCharToMultiByte
CloseHandle
SetFilePointer
SetHandleCount
Sleep
GetFileType
GetStartupInfoA
GetProcAddress
GetModuleHandleA
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
RtlUnwind
SetStdHandle
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateFileA
LCMapStringA
LCMapStringW
LoadLibraryA
HeapReAlloc
SetEndOfFile

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE