3e0aa92b01b818b5f70888a4853701e7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3e0aa92b01b818b5f70888a4853701e7_JaffaCakes118
Size

559KB
MD5

3e0aa92b01b818b5f70888a4853701e7
SHA1

11141f281d4bfabf7cf54d47b4be1410f16a2e34
SHA256

7aee5610ce4b8475fcffdcad7edc584480278ef20249a1621bdfccdce3dc15e8
SHA512

5ed448f6f6b909e1a6ff776b26b8220e41695af04e7f22731d879c3ca5a32ed80f50d3791330fcdeeba059cacacc687980ab6815d88f79e68c2714c753e19d2e
SSDEEP

12288:OUU/UL0IeM4XWIm4PvyENZX7A+eP6k1JvyhrMXnxYb66DoM:O/UL0IeM4mmP57A5Pzv2rMGDo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e0aa92b01b818b5f70888a4853701e7_JaffaCakes118

Files

3e0aa92b01b818b5f70888a4853701e7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0fb92731d4c24cd73b9096571b56a01a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

ald.pdb

Imports

kernel32

GetProcessHeap
HeapFree
FormatMessageA
QueryPerformanceFrequency
HeapAlloc

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 511KB - Virtual size: 510KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ