3dc1bd1b99bb17f5c92fb8920b71b0be_JaffaCakes118 | Triage

Sharing

General

Target

3dc1bd1b99bb17f5c92fb8920b71b0be_JaffaCakes118
Size

56KB
MD5

3dc1bd1b99bb17f5c92fb8920b71b0be
SHA1

1eb336d07ab69995277821e14699000d49d74d5e
SHA256

3a785584e814f6d0e7ad6399d070d9f129790032f142a28aa58888136daf5748
SHA512

2621fb06c91ea5b8814a83907041a5bd4e562c31d66e89c33dfc1ae5ae741828f396eb6c10024e21944dd5994c2d52c092560558f721cada6536d48215d1dbfc
SSDEEP

768:vDhTFYkmSTBCNKhjadyZhWom8O7fkhXO9RewTKBM4duJVTNIzF2P/p4Of4MIpZ2k:xzWPomZ7EXO9RtOBhdQTF3pH4HMqkjg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3dc1bd1b99bb17f5c92fb8920b71b0be_JaffaCakes118

Files

3dc1bd1b99bb17f5c92fb8920b71b0be_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7c7dc5b951279f70dab0f0edf03f5970

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
GetConsoleAliasW
SwitchToThread
DeleteAtom
IsDBCSLeadByteEx
HeapValidate
WaitForSingleObject
GetSystemPowerStatus
SetTimerQueueTimer
GetCurrentProcessId
ExitProcess
ConvertFiberToThread

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE