3756417730417b815ee976d8700d80ce_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3756417730417b815ee976d8700d80ce_JaffaCakes118
Size

57KB
MD5

3756417730417b815ee976d8700d80ce
SHA1

766e57764b063345cfa3b47144bd8163dc03f095
SHA256

e5dbb1e046d570fa4ff6eb84512839237c3d856260bd138c07ac94921c7e34e1
SHA512

ad2b85c2dc09ef2f48f9790f151b2a9713aa4c3bc44a33f78a7d41b31bbce01149f135600075ed9ca1641ba6e3d34ce8ac50fa95e83d7839772e6f7dc883d0e5
SSDEEP

1536:K+XoBpB6KvOYYbK61h12LXCOt8rXC0KPQKe:hXovRGhDh4LSOmkPQK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3756417730417b815ee976d8700d80ce_JaffaCakes118

Files

3756417730417b815ee976d8700d80ce_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4501f0f4bcc646a898d54d563cbe3707

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
VirtualProtectEx
LoadLibraryA
ExitProcess
GetLastError
OpenThread
GetThreadContext

user32

PostMessageA
IsChild

Exports

Exports

IsFnwhanxg
GetWukjsnoc

Sections

.text
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DATA2
Size: 3KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.enewdat
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ