3e0102c9c8b98119a6f39682a564ccee_JaffaCakes118 | Triage

Sharing

General

Target

3e0102c9c8b98119a6f39682a564ccee_JaffaCakes118
Size

7KB
MD5

3e0102c9c8b98119a6f39682a564ccee
SHA1

c2931459f0433dc184b4b66d3044d2fc189fe27b
SHA256

c3d3d702374ce40234708521dcedb5dd15ad84c3be04fbeabe5b143dcb4c072d
SHA512

b926cd368768e6bf6203c718bc278f395ae2b5a1521f2cff24355e535e2c166748a0a654f4dd3ddc811c74eab9f1df7c37f84eb03d5f68dce19501e815a8f5aa
SSDEEP

96:qSZQNzLSr4/LoKT8TIalOlENaeisAGlINUSAGfNblfkGa:5ZQNzLSr4/cN6l1eFrlINUSffVlfkx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e0102c9c8b98119a6f39682a564ccee_JaffaCakes118

Files

3e0102c9c8b98119a6f39682a564ccee_JaffaCakes118
.exe windows:4 windows x86 arch:x86

105b9eb6befa436bbc74c718c1c8f5b5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
VirtualQuery
ExitProcess
VirtualFree
ExitThread
FreeLibrary
GetModuleHandleA
lstrlenA
lstrcpyA
lstrlenW
lstrcpyW
GetModuleHandleW
GetModuleFileNameA
lstrcpynA
GetModuleFileNameW
lstrcpynW
lstrcmpiA
RtlUnwind

user32

CharUpperW
CharUpperA

Sections

PL
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ