Static task
static1
Behavioral task
behavioral1
Sample
3feed0cfeb8648c5daccac5ec14c8078_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
3feed0cfeb8648c5daccac5ec14c8078_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
3feed0cfeb8648c5daccac5ec14c8078_JaffaCakes118
Size
168KB
MD5
3feed0cfeb8648c5daccac5ec14c8078
SHA1
eb0d70b34c321e8963cef283e3b908c08c22f760
SHA256
3df793d828129e5908ba92444ab50ff8e062d05206c6e5d451b95cb29c3f8757
SHA512
e63475291879f75a5bc35c8a6fee44c4811180070a720453dc62497b18122b612e9b7ed9139e3636b0be50889eae515e15b3113f31512dbef2ec6f1b4f58658b
SSDEEP
3072:vMbr57K3FTuYlMT6BeO6BSvnNYnJpdbxuY8tkAaDs56VDFyzREqPZTXs6UtoD6DD:v+VcBuYlMT6wPKnsHdbUtLaDU61FyREz
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3feed0cfeb8648c5daccac5ec14c8078_JaffaCakes118
Files
3feed0cfeb8648c5daccac5ec14c8078_JaffaCakes118.exe windows:4 windows x86 arch:x86
22aa25a9dbb99211db866b1a30897dd8
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
MultiByteToWideChar
GetModuleHandleA
GetFileSize
FlushInstructionCache
GetTickCount
VirtualProtect
GetLastError
GetProcAddress
LocalFree
LoadLibraryA
Sleep
LocalAlloc
ReadFile
VirtualProtect
user32
wsprintfA
wvsprintfA
Sections
r0(cRDon Size: - Virtual size: 180KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
T8ZJ&7(o Size: - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
AH\uYOf> Size: - Virtual size: 592B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
*=x\q%^: Size: - Virtual size: 39KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
\]4V?k15 Size: 164KB - Virtual size: 161KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE