b3b5a2d2ffd238803b29f402bc48e7aa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b3b5a2d2ffd238803b29f402bc48e7aa_JaffaCakes118
Size

92KB
MD5

b3b5a2d2ffd238803b29f402bc48e7aa
SHA1

6dc69a711876923bbf4ffc797325d7405af71447
SHA256

1996046058cbd7d4f20b13a3474f97010fa95c4110c8d4e83caba67c5c71d5ca
SHA512

b6d0681727675d2e4075a97cb15fd152f5f7907f7d1ac05a61082e2fdd2083b935c8ab75040a751084962061bc729ef3a06d2b317cc481be762bd99a5cfbec50
SSDEEP

1536:HQp+rbe83PAwvFrnzEJQM3I05lSChob2aUd7W:HQ2bv3PAEneQM3I0zS8oh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3b5a2d2ffd238803b29f402bc48e7aa_JaffaCakes118

Files

b3b5a2d2ffd238803b29f402bc48e7aa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6483fd60d581d6d68cdc614c9c003ad7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

f3biprct

ord18
ord25
ord27
ord1
ord26
ord67
ord28
ord3

f3bilpio

ord1
ord9
ord8

f3biio

ord1
ord38

f3bistmg

ord1

f3bidbg

ord14
ord3
ord2
ord5
ord4

kernel32

GetStartupInfoA
GetModuleHandleA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ