3e4950e24ae7f007b0a1daadf5aa1d14_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3e4950e24ae7f007b0a1daadf5aa1d14_JaffaCakes118
Size

279KB
MD5

3e4950e24ae7f007b0a1daadf5aa1d14
SHA1

fcde94beccc3e08478047f75a67e4d55d3b46e7f
SHA256

f1ad2faf7604325c450050e5fa2e69c36d27d787355e442c1fc445a5ff72ab71
SHA512

b277b19826dc324f6436d9d6bee4d5ba5e3e57b9e0ecb5ebb4f5300746c5f5347598d9af52717d8f4adb95bbec509090bc662c73ae4230b1a750851c26339cf4
SSDEEP

6144:Ezmmm1iizP3DtMJkb1PX5fq1hY4cRy/iGrUskoSPs:hmG3xDv5j4ZiGrg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e4950e24ae7f007b0a1daadf5aa1d14_JaffaCakes118

Files

3e4950e24ae7f007b0a1daadf5aa1d14_JaffaCakes118
.exe windows:4 windows x86 arch:x86

66858d8e6f9142b7303c112519d510ad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryA
FindAtomA
FindClose
ResetEvent
HeapFree
GetVersion
GetFileType
VirtualProtectEx
CreateEventA
GetSystemTime
GetModuleHandleA
FindClose
SetStdHandle
lstrlenA
ReleaseMutex
WriteFile
SetEvent
ExitThread
RemoveDirectoryA
RemoveDirectoryA
SetVolumeLabelW
IsBadCodePtr
CreateMailslotA
GetCommandLineA
WriteConsoleW

clbcatq

CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup
CoRegCleanup

rasmxs

DeviceEnum
DeviceEnum
DeviceEnum
DeviceEnum

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 270KB - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ