3ef838c317d485b5d84ad58a4245238b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ef838c317d485b5d84ad58a4245238b_JaffaCakes118
Size

56KB
MD5

3ef838c317d485b5d84ad58a4245238b
SHA1

8b5cc7009dbbcba3decae173d12e42dd0a25a4d5
SHA256

490e7dc5c6b59e92b49997304a1db158dce1142b1d3cac2f40399ebf4dd50915
SHA512

8a0453324955c42165b3af438261db0ac8dff9c8b5280fd76b0d4a86728cfddc661faa48a331a02d470f13e2211bd092e2a34d65643bcbf7f6f2236be2cb55d8
SSDEEP

1536:KKmsKJnIR6aogovLDxW4uCiTsGsB2lCYxTW:KKmsKJUajvvE8iT22l9TW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ef838c317d485b5d84ad58a4245238b_JaffaCakes118

Files

3ef838c317d485b5d84ad58a4245238b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

18bb33d1d8094ce0d18d6694c826b842

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CallNamedPipeW
AddAtomA
MapUserPhysicalPagesScatter
TlsFree
GetConsoleCommandHistoryLengthW
WriteConsoleInputA
GetCurrentDirectoryA
VerLanguageNameA
OpenThread
GetConsoleCursorInfo
GetConsoleTitleW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE