3b5a3d6bd6af192f6a52ac57e3d4a159_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b5a3d6bd6af192f6a52ac57e3d4a159_JaffaCakes118
Size

122KB
MD5

3b5a3d6bd6af192f6a52ac57e3d4a159
SHA1

98b60dc7bc259d8cdbe8d197a1f827045d7cfd41
SHA256

845b24135850be7c342a768cf8719a6bb020666ebf22f441aa2dbd21f783d731
SHA512

1f82fe65bf3f255f4c97e20c303406497bbe6ace5ae14b2a1c01e3241951b379fb109cd5ceaaf68622879810d3df8a921908a40664edddc9cf87a09c9eff0f1d
SSDEEP

3072:FIL6fMcVFqhI8gmOmQCjuqEEsLOsk6SB:EhjrTQU3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b5a3d6bd6af192f6a52ac57e3d4a159_JaffaCakes118

Files

3b5a3d6bd6af192f6a52ac57e3d4a159_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9f3b987af6fbb75afded73c516083342

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
Sleep
GetWindowsDirectoryA
GetEnvironmentVariableA
SetLastError
IsDebuggerPresent
GlobalReAlloc
GetFileTime
GetProcessHeap
VirtualProtect
SetStdHandle
GetVersionExA
GetUserDefaultLangID
GetStartupInfoW
GetProcAddress
VirtualProtectEx
LCMapStringW
GetCommandLineW

msvcrt

__getmainargs
_controlfp
calloc
_adjust_fdiv
_initterm
__p__commode
_except_handler3
_exit
__set_app_type
__setusermatherr
__p__fmode
free
__p___initenv
_XcptFilter

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ