3f9f4c33e5fce1c3613aeb7d4e56f4d5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3f9f4c33e5fce1c3613aeb7d4e56f4d5_JaffaCakes118
Size

92KB
MD5

3f9f4c33e5fce1c3613aeb7d4e56f4d5
SHA1

011fabf700618356ae357af97952f86ea5be807d
SHA256

b1a6a66c890f8271e46583d422e4f1f8b9842994217bcf58c1e854f6f157cd8f
SHA512

81cc675e5158aa1921598982a06b0745655cd475cb5287f389a0ef7f7284f8f53389b975d16dec5af0d95296c3377f38231110619fdbeba5c1664f08d1d55474
SSDEEP

1536:yI7cPoeel9fGhAnW9ZAD9SO+hfaieo4YCxAbbiA:yI3eoAdADj+hi/HYg8biA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f9f4c33e5fce1c3613aeb7d4e56f4d5_JaffaCakes118

Files

3f9f4c33e5fce1c3613aeb7d4e56f4d5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ae6449728bc3f2d1d0e28c129e4d8501

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

euser

ord1651
ord1215
ord553
ord57
ord56
ord1174
ord124
ord345
ord809
ord970
ord1653
ord1652
ord1650
ord508
ord491
ord1318
ord1417
ord1428
ord1414
ord593
ord1649
ord1639
ord457

iserverarc

ord12

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 744B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.E32_UID
Size: 4KB - Virtual size: 270B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.erdata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE