b3eb090dad859cff7dca18717dbbc55b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b3eb090dad859cff7dca18717dbbc55b_JaffaCakes118
Size

84KB
MD5

b3eb090dad859cff7dca18717dbbc55b
SHA1

30261bd5f5b7d56b6b969b87cea00a5b175f8a38
SHA256

fc44eb55a7190eb44c4e299b844bc1667189f6a27aea106de5d0355244ee7b75
SHA512

8eb80fb50cbacf2df2d65a2f08e475241c89a1712d7538170c78f2c2248b16069af9e33cab71d80a39848c07b5de467b736c463870da8e883b5490a34f7592be
SSDEEP

1536:243jWVQle6wq5MQT8jr11mn6xeYh6SZMDHoqtLy:2mbleLq5MQT8jhon6xR6/oeL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3eb090dad859cff7dca18717dbbc55b_JaffaCakes118

Files

b3eb090dad859cff7dca18717dbbc55b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8ffb6a9d9d152e6ceb8bdb59698c64e0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumResourceNamesA
GetProcAddress
LoadLibraryA
RtlUnwind
MultiByteToWideChar
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapAlloc
HeapFree
WideCharToMultiByte
TerminateProcess
GetCurrentProcess
SetEnvironmentVariableW
SetEnvironmentVariableA
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
HeapReAlloc
GetCPInfo
CompareStringA
CompareStringW
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ