a3c30807bbae4febe523c3f8ff9b7025_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a3c30807bbae4febe523c3f8ff9b7025_JaffaCakes118
Size

45KB
MD5

a3c30807bbae4febe523c3f8ff9b7025
SHA1

852c67e4d7e9950e8662b45aad4e29b3840e3bfc
SHA256

0401fed8a0f3a1fde0619d149b6dd0ea4c1b323ab9e9deaf1ed719b891f493e1
SHA512

37062c38a92205f3193c66e49aae5a92d1675f1325915a9860cc133d51f18ddc55a737af51803766e3e6ed43fa7d2112249875d726a5eb1ff9848a42df196161
SSDEEP

768:s5bprIDFaWmweeaOLl2Om7OmBk6BwnVjAe1DdjwZ7DFpUAhsyYt3kLvj:e9HWmaTmpOj9Ahsy7LL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3c30807bbae4febe523c3f8ff9b7025_JaffaCakes118

Files

a3c30807bbae4febe523c3f8ff9b7025_JaffaCakes118
.exe windows:5 windows x86 arch:x86

456ae5c38e42341eebc699574ab81c41

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

SetTimer

advapi32

OpenProcessToken

Sections

LHTPROT1
Size: 23KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

LHTPROT2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE