3677d80a3a2e24ac792d95bf088e9e91_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3677d80a3a2e24ac792d95bf088e9e91_JaffaCakes118
Size

164KB
MD5

3677d80a3a2e24ac792d95bf088e9e91
SHA1

0e1f996c9f67895aef4a6b1518a0e386965ca69f
SHA256

5bfcc2148e84edf346de485044968caf41bce6ceef961aebff1fa4fc936306da
SHA512

f33a7ef7f09ecf16272686c4d49c3971f67f01348c40026fef75a429498f9d2f71f262cc7954985b867350484d23750919842997f7f14ac6812c9ae240a7e37d
SSDEEP

3072:4TPr/fsBbYjhawqpDA6ULisCtoYJ83vZhesopVod+aUTDYuNp:yXsCawqp7sFYy3Bhe3pVod+aUT9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3677d80a3a2e24ac792d95bf088e9e91_JaffaCakes118

Files

3677d80a3a2e24ac792d95bf088e9e91_JaffaCakes118
.exe windows:4 windows x86 arch:x86

93361f8c6c57c9899e28c079929db992

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetModuleHandleA
FlushInstructionCache
VirtualProtect
GetTickCount
GetLastError
GetProcAddress
LoadLibraryA
Sleep
LocalFree
LocalAlloc

user32

wsprintfA

Sections

=o%*tt<8
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

9uwV8mmG
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

o%O:gy%e
Size: 4KB - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

*>_dBE@L
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ