3eaf10abc3b97d65c060fb87a84cedcc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3eaf10abc3b97d65c060fb87a84cedcc_JaffaCakes118
Size

20KB
MD5

3eaf10abc3b97d65c060fb87a84cedcc
SHA1

51ea4f4a76e90e4915c471d06a21f254a1d76cf0
SHA256

e9d9e41213575d5906556a85eebd3a3669bcf430d93bc3a1c0f3fdec6cbb09ce
SHA512

bcfcc7b756b9ee79d646b500bebf8d43e32dfd77a544a2f77b47ac513511d3656119d078c3ae3f672cd85d4399477dffcb28cbeb48f5d20fa379039c9e9a4575
SSDEEP

48:5rhFESEZKwyS6n920AnIJ60TGK//jz8DCa7jADXzPw+VZZ6:53m16n920AIJ6iGqH8DCM0JVZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3eaf10abc3b97d65c060fb87a84cedcc_JaffaCakes118

Files

3eaf10abc3b97d65c060fb87a84cedcc_JaffaCakes118
.exe windows:1 windows x86 arch:x86

3ffc28bf37d7eec2bc6c83618fd066e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteA

kernel32

DeleteFileA
GetCommandLineA
GetModuleFileNameA
GetModuleHandleA
GetSystemDirectoryA
CopyFileA
RtlUnwind

user32

GetMessageA
TranslateMessage
DispatchMessageA
wsprintfA
DefWindowProcA

advapi32

RegFlushKey
RegOpenKeyExA
RegSetValueExA

crtdll

__GetMainArgs
_sleep
exit
raise
signal
strchr

Sections

Un-FSG !
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE