3bcf5c77f5d052360c462fb2160b0325_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3bcf5c77f5d052360c462fb2160b0325_JaffaCakes118
Size

25KB
MD5

3bcf5c77f5d052360c462fb2160b0325
SHA1

653b8e2466d4fca0ff1b4d13a7c50004caeb089e
SHA256

d8f7f6259536a5388f559a00fc085f353549563ef905dc3e184d074a69645679
SHA512

6566db6591c8f3aac46e2c56b2b667a0b5e70ea92614d5a8cd7c1d6cb5478a3a55966fc320c1390ac031f3788da3bb4d84b347b3c8b0e102640e25cf06a019cb
SSDEEP

768:qp8NKYtVHGL/qQmGIkPiX77t4CcUbeLAS0r:VtVHGL/qLGIkEtDBS0r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bcf5c77f5d052360c462fb2160b0325_JaffaCakes118

Files

3bcf5c77f5d052360c462fb2160b0325_JaffaCakes118
.exe windows:5 windows x86 arch:x86

eb3ccd570f159a63240a0f5d90c0fd3b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

PrepareTape
GlobalDeleteAtom
UnregisterWaitEx
GetVolumeNameForVolumeMountPointA
LZSeek
VirtualAllocEx
DebugBreak
GetFileAttributesA
GlobalFlags
SetVolumeMountPointA
ExitProcess
lstrlenA
HeapAlloc
OpenEventA

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ