3dce89f3c66fce91c4e8e23820db3d1b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3dce89f3c66fce91c4e8e23820db3d1b_JaffaCakes118
Size

58KB
MD5

3dce89f3c66fce91c4e8e23820db3d1b
SHA1

2dc98544316bcf7e9402b84805e188a8cf32300f
SHA256

5da3fbc68ce451bb69e360fdca597a2a7d8865c41a10d135ac4890953b854719
SHA512

0056ea7a37cff927074c4e9484bd11405542ea4d2dd85b3fa847341e01b0ddbd70eabf6b619a450385a92c0ea83e9c95a5013c58e132ec97b517e0500d200232
SSDEEP

1536:MLdVQlo6YPObgGivwN4XKVF/fHXHnW+WZ21:MLcoTOJN4XORPlW8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3dce89f3c66fce91c4e8e23820db3d1b_JaffaCakes118

Files

3dce89f3c66fce91c4e8e23820db3d1b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0ce6d58134ff9961528747052f287f84

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
VirtualProtectEx
LoadLibraryA
ExitProcess
GetLastError
OpenThread
GetThreadContext

user32

GetMessageA
SendNotifyMessageA

Exports

Exports

Scrawwf
Khyikkcm

Sections

.text
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DATA2
Size: 3KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.enill
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ