39a2b08846e8b78e44802593f13c4ecd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

39a2b08846e8b78e44802593f13c4ecd_JaffaCakes118
Size

1.0MB
MD5

39a2b08846e8b78e44802593f13c4ecd
SHA1

477bb1a85bf3a9e193e2cddd04ca2d6df5124db0
SHA256

bbed22b743b757762c85ec2709a30441714fafee5a1fc5c0f943000f12112067
SHA512

f9c7f9e99631b7d8c07255e02d3db653cb7326dfd53cdf714057bf8b05b18de7ed80488eb30273afc1fe1ae8408f0f469572488eea9ab3338469aeaca3a6699c
SSDEEP

24576:6oAdZYFI1DdwrPPtX4JyosTuSyB34ZHp/VGpRX3e0PK7M:6oKYFqDdwrPP9ALnoZJ/VAR+0P9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39a2b08846e8b78e44802593f13c4ecd_JaffaCakes118

Files

39a2b08846e8b78e44802593f13c4ecd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4710e694cbc904bbde58b1960e1a3f6b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
GetTickCount
GetModuleFileNameW
SetEnvironmentVariableW
GetCurrentProcessId
OpenFileMappingW
GetLastError
MapViewOfFile
CloseHandle
CreateFileW
CreateFileMappingW
UnmapViewOfFile
GetFileInformationByHandle
VirtualAlloc
VirtualFree
GetModuleHandleA
GetFileSizeEx
GetProcAddress
LoadLibraryW

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xcpad
Size: - Virtual size: 744KB

.idata
Size: 1024B - Virtual size: 692B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 424B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ