3bc77adaeb0617519fa3a702eb66b9fd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3bc77adaeb0617519fa3a702eb66b9fd_JaffaCakes118
Size

141KB
MD5

3bc77adaeb0617519fa3a702eb66b9fd
SHA1

6cfad356dc4f39862c47d3da8ed86adad166f4f8
SHA256

4a8458993d3a4d05b28dfed38446c0e45d9c1206101fda552837f8299b1d0e7f
SHA512

33cba4d2b22396830618388b2c1fbbe9cc2d8c00f8bea1077669363dec4fb438094abaef45f66263878385c41109802917aa63c20f5d439b53b700ae315b681a
SSDEEP

3072:pCkrtwQqSoV1c1fsFLKlr7M1Uvk+t8zbHzJPK7:pH/qL4sglr7Ma/tQzJy7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bc77adaeb0617519fa3a702eb66b9fd_JaffaCakes118

Files

3bc77adaeb0617519fa3a702eb66b9fd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7d14bf9ec42028cef2cac4fc07df34ac

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateNamedPipeA
GetProcAddress
LoadLibraryA
UpdateResourceA

user32

GetAsyncKeyState
TrackPopupMenuEx
SetPropA

gdi32

GetCurrentPositionEx
GetMetaRgn

Exports

Exports

hwrfpwhcfnshwi
plinnhawlwrmyex
zhslfddbh

Sections

.text
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ