3dbee493c580bdff409736d758b78e1f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3dbee493c580bdff409736d758b78e1f_JaffaCakes118
Size

30KB
MD5

3dbee493c580bdff409736d758b78e1f
SHA1

27e29bf98ca37bd8aef5e995d7fc9f121a4c7c4a
SHA256

7ae61da8f7c01712aacd1cc469e7d056e98123a8cba6f7c23eaff120146fe2dd
SHA512

626de436f8957b57764bf86d0dfac050c961da1ff44c5bae30d9120c91e0ae57472fc8bf5ba3ec44c5ec87220e616dcea75d746e5ee10b23a00df333bcf24004
SSDEEP

384:B3NE14C6OLaKdN0MB/JkRVcgA9f4kiVFIk9z71c7p3v+VCS56v4SFxuvTM4H3c3:lNBC6EaADky9f4kIc78PAA6gvg3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3dbee493c580bdff409736d758b78e1f_JaffaCakes118

Files

3dbee493c580bdff409736d758b78e1f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

de5cf73343286bed0db5442b7d16ae20

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateWaitableTimerA
GetConsoleAliasesLengthA
BaseQueryModuleData
CreateProcessA
GetConsoleCP
GetFullPathNameW
ReadConsoleOutputAttribute
GetConsoleCursorMode
LoadModule
SetDllDirectoryW
DelayLoadFailureHook
BuildCommDCBAndTimeoutsW
GetCommModemStatus
IsValidLocale
SetConsoleMenuClose
GetVersion
UnlockFileEx
ExpungeConsoleCommandHistoryW
AddRefActCtx
Thread32Next
GetDiskFreeSpaceExW
IsWow64Process
HeapCreateTagsW
CreateDirectoryExA
lstrcpyA
GetNlsSectionName
GetVolumePathNamesForVolumeNameA
GetSystemDefaultLangID

Sections

nuxwduho
Size: 1KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

lkjsnuru
Size: 882B - Virtual size: 882B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ibababkj
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lcfszqxg
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gxkbchut
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

unajotkv
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE