3dcc3fb365255a28420dcf4b24ec0d3f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3dcc3fb365255a28420dcf4b24ec0d3f_JaffaCakes118
Size

81KB
MD5

3dcc3fb365255a28420dcf4b24ec0d3f
SHA1

731346c2d1e8fa62b7efb07c3353fa1ef8cc7789
SHA256

b9af2e90d70e1c49a6254a7e7578879b04e260b898d16eb2607664e32688c475
SHA512

756ffa0d18da44b483c9a617266a813b08ac61fa31b70fb18b6951e1a005ab4fdad5c3d700f4a789cf14a469e395ec1fe84d8f2b708767021def4fc4be52e3ab
SSDEEP

1536:MsjK/4T2Vb3hvaVbudh0dmY4eIC/vmCAJUiAlBG/hxE0T3QZaDL7JXvJE:hjKq2Vb3daVirLvhCAJ1/h+wgZMRf+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3dcc3fb365255a28420dcf4b24ec0d3f_JaffaCakes118

Files

3dcc3fb365255a28420dcf4b24ec0d3f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

af8bbd0bb63d711ec662564a312a9c2c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
ExitProcess
WriteConsoleOutputAttribute
VirtualProtect
GetModuleHandleA
GetStartupInfoA
GetModuleFileNameA

user32

GetUpdateRect
GetTopWindow

Exports

Exports

BeginKpsyqfmamb
OpenWgycboxbmow

Sections

.text
Size: 7KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 800B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata1
Size: 67KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrd
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ