3c45d1f8e2fa80d4f5d90581afbed63d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3c45d1f8e2fa80d4f5d90581afbed63d_JaffaCakes118
Size

1.7MB
MD5

3c45d1f8e2fa80d4f5d90581afbed63d
SHA1

0f0306baaf1cff8050950e04b4116fa1e0fd5383
SHA256

9a8b7496cdde96ecbd0ddd25f305403f9ca3a79f3a899d80168b444c6f2b3b8a
SHA512

5b52bfc33eb23266851fb94be7b7ed0aad720e89dc4f1728b1fbb979931af406e8c752ead225ec34773635166abcd96d3150b575212b3c5f2ecc550ee150327c
SSDEEP

24576:pd5qPBZD2K6LkNjN33CArykzgQi34a52qavMs5nHqxJ8UMXGtMnac8:zw2K6apn3rywa3e1Ms4/NMWKac8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c45d1f8e2fa80d4f5d90581afbed63d_JaffaCakes118

Files

3c45d1f8e2fa80d4f5d90581afbed63d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

25bed1fbe2a083a87ac7bce8930f03fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32 winmm

GetCursorPos 1�+

Sections

.text
Size: 804KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 784KB - Virtual size: 784KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ