3c1aaa1fe547dcc890a01921efce82c3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3c1aaa1fe547dcc890a01921efce82c3_JaffaCakes118
Size

110KB
MD5

3c1aaa1fe547dcc890a01921efce82c3
SHA1

ac3555d0a6cf35fc383520f10fd46bd498ef8ee8
SHA256

ac6f3eaaa6986135d913e2cd2b85308f228ce584f84a8e7f5e2f762738ed9bcf
SHA512

817eec79710ad521ee6e7a0cafec7f20bd8b8a657639b9357c87c8c94235bc38fc89ccb0fba34cf388255bc2d44843dcdde0e4fcda46eeb3f2d07259c6f52c16
SSDEEP

3072:64O31De7/wgGcrokuPsZfo++XqLFOazYYe6gJ0e/S:6481S74RkA/qZx0YTgJ0d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c1aaa1fe547dcc890a01921efce82c3_JaffaCakes118

Files

3c1aaa1fe547dcc890a01921efce82c3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ddb5c4d00ac40aa3dd57927519a6ecbf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
ExitProcess
lstrcmpiA
FreeResource
lstrlenA
SizeofResource
SetFileTime
SystemTimeToFileTime
LoadResource
lstrcpyA
lstrcatA
ReadFile
SetFilePointer
GetModuleFileNameA
GetModuleHandleA
SetUnhandledExceptionFilter
ReleaseMutex
CreateMutexA
GetCommandLineA
SetFileAttributesA
GetSystemDirectoryA
Sleep
GetCurrentThreadId
GetLastError
RaiseException
InterlockedExchange
LocalAlloc
FreeLibrary
GetStartupInfoA

msvcrt

strchr
realloc
malloc
__CxxFrameHandler
_except_handler3
??3@YAXPAX@Z
strstr
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
memcpy
strlen
??2@YAPAXI@Z
strcpy
strcat
strtok
memset
_strcmpi
_strrev

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ