3e598d9351896730596b86f21e2cbb2f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3e598d9351896730596b86f21e2cbb2f_JaffaCakes118
Size

36KB
MD5

3e598d9351896730596b86f21e2cbb2f
SHA1

f6d21ff675d328786df1787f8de60973276551c1
SHA256

f3150c5ed729d0e1c4302b4d13034ec56e57beba809ebdec75d43c7252c7290d
SHA512

872b50baea46d2b55f5d29e2240b33d0463f9695cf9c94218094d9b868b74de7b69edfd1ad513d1d232f9b521fcb58dad888b2ae3d9066419db2b00b64bae82c
SSDEEP

768:VDpMh/Wtx7Sp4OPqU573z86CjzWTDp+YPe/:VDpMhWx7SpoBqv0D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e598d9351896730596b86f21e2cbb2f_JaffaCakes118

Files

3e598d9351896730596b86f21e2cbb2f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4f8a202fd7d7460e54b12d99ca37d1d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MapViewOfFile
GetModuleHandleA
lstrcpyA
lstrcatA
ExitProcess
GetModuleFileNameA
SetFileTime
GetFileTime
UnmapViewOfFile
GetFileSize
GetProcAddress
CreateFileMappingA
CloseHandle
WriteFile
LockResource
LoadResource
SizeofResource
FindResourceA
CreateFileA
WideCharToMultiByte
lstrcmpiA

shell32

ShellExecuteA

ole32

CoCreateGuid
StringFromGUID2

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ