3f8874849204774b5d2c20642f77771d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3f8874849204774b5d2c20642f77771d_JaffaCakes118
Size

63KB
MD5

3f8874849204774b5d2c20642f77771d
SHA1

da87fd9666c0f5be3faf48e8a85b216467fc8866
SHA256

70fc49d37fa5d5a52eaa1a690d0934f306c50af315ef4364870d4d7613fafe4c
SHA512

46c2397d0cf61dd23255319f8bafc4995746763314d1e3867f6da8a79ce3b1fc4f14c33da2b20093aa91bcb3f01072dfa8c485920cad9d4065b43b0ee597e25b
SSDEEP

1536:8p/QAHxPIEXoVkm6Q2IEavPSb6lkJftO6DGk2m45:8/G9km6zIEJb6lkJftlP45

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f8874849204774b5d2c20642f77771d_JaffaCakes118

Files

3f8874849204774b5d2c20642f77771d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

57ae9d45a1274fb84ae2615fe984adf1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessInternalW
Thread32First
ReplaceFileW
HeapSummary
MoveFileExW
ScrollConsoleScreenBufferW
GetTickCount
FindAtomA
GetStringTypeA
SetConsoleScreenBufferSize
GenerateConsoleCtrlEvent

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE