Static task
static1
Behavioral task
behavioral1
Sample
3a6876ae5b8065f77fce9cba799ce0e8_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
3a6876ae5b8065f77fce9cba799ce0e8_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target
3a6876ae5b8065f77fce9cba799ce0e8_JaffaCakes118
Size
58KB
MD5
3a6876ae5b8065f77fce9cba799ce0e8
SHA1
1d9c31ed5d0c19ea3a0c20a760b3916ba8e3bdc2
SHA256
bd593c02f1464f6110d4451871467f02746c5dae86b5ec303d8948b1f509299e
SHA512
34b42807655155c5249f48fed226560198b3904d3ff4f8f5a61fe6fab1c8200dbaf76f7efc1feb9df936875fef7293c3c101afc066bcdc17a8c0e14c787f556e
SSDEEP
1536:a17LsZHt7HOXxQvV1YvmQIzpdTREwPsrD:a17uYXevV1BzpdREDr
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3a6876ae5b8065f77fce9cba799ce0e8_JaffaCakes118
Files
3a6876ae5b8065f77fce9cba799ce0e8_JaffaCakes118.exe windows:4 windows x86 arch:x86
677c779362afce9a85b3ffd391a1e65c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
tLastError
fGetStdHandle
GetDriveTypeW
slotA
}OpenMutexA
lstrcmpiA
nA
lstrcmpiA
piA
piA
�GetVolumePathNameA
alDriveStringsA
HeapCreate
eHandleA
eTime
gsA
IsValidLocaeMailslotA
GetModuleHandleA
eA
GetModuleHandleA
dPipeA
scecli
SceSysPrep
angeNotify
DeltaNotify
SceOpenPolicy
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.adata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 50KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 512B - Virtual size: 284B
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ