b3be31ce3b148b2cb94cdae1bcadf138_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b3be31ce3b148b2cb94cdae1bcadf138_JaffaCakes118
Size

111KB
MD5

b3be31ce3b148b2cb94cdae1bcadf138
SHA1

612d4661efb606540adbdd677b3c9f24d83ec619
SHA256

891c07bb0eee978b61a5ad1f2067f035ba3a33249a971086b56e6b75183c6ac7
SHA512

4183efb961670bf47c7e7c712236c735a0fcc8779ec162ec924fc034631602c2f3957542d7ac5c4b1edd1162a7525ab4b2af4213626fb242bf19287de0ec7a1d
SSDEEP

3072:1oJzkIe5p9nb1Ly+G6KIGz6b2EfYlnfN:1olkIib4vh6rkf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3be31ce3b148b2cb94cdae1bcadf138_JaffaCakes118

Files

b3be31ce3b148b2cb94cdae1bcadf138_JaffaCakes118
.exe windows:4 windows x86 arch:x86

de874d0a802eec8d858b31821a3022b7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
VirtualFree
Sleep
ExitProcess

user32

CharNextA

winmm

timeSetEvent

comctl32

InitCommonControls

Sections

.text
Size: 512B - Virtual size: 222B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ