3f00f8684f424d88bc34710412493ab3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3f00f8684f424d88bc34710412493ab3_JaffaCakes118
Size

36KB
MD5

3f00f8684f424d88bc34710412493ab3
SHA1

3e14820634700f17db66784e8ac77132e7e90eea
SHA256

0dd2a4aeeb87434b4aed16f64290797f8f946f87d50369a170667a8240632f6e
SHA512

274088672991b30a7e2c11573585699f528a9a5130430ef252acffa66a80a9d8bce3582910499dc19cce77cbb4fc575f6c12b547e93530bc05fa8945c49d3c5d
SSDEEP

768:BA0xifzEsDp0XBl5yuo46OnbA4rqLMa2cBMtqlagv:FwL9DqXBl5yuVjsjRaC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f00f8684f424d88bc34710412493ab3_JaffaCakes118

Files

3f00f8684f424d88bc34710412493ab3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

87a004d492a3084f22f428f742c302ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualFree
GetLastError
ExitProcess
VirtualAlloc
GetTickCount
CloseHandle

advapi32

RegCreateKeyExA
RegCloseKey
RegSetValueExA

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 366B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE