3ed94a66ca15b9910399d34d24bbd3af_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ed94a66ca15b9910399d34d24bbd3af_JaffaCakes118
Size

38KB
MD5

3ed94a66ca15b9910399d34d24bbd3af
SHA1

8485d22f83e9a893dbe47d6981640e4bb2f9cff0
SHA256

de543f6b69fe9c916b8dcf3c324cbe795ba27fcba79fd8cc26255ee23dbc6830
SHA512

ad8a94a0838e49bc273e13716eb272569aaf3ee5f575b69c2f7e31cb308bda3a2de99f3e2e5aeb64a26fa4296feb4a455f3c469f755a0b4c362d0788272a3329
SSDEEP

768:Jx5psRMkoDw07mlQcR8pOlm8/twpnMrEzT8aszysggGQeQOTdisVdJRn:T5mealcpWm8/twpeEEegGVhTdf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ed94a66ca15b9910399d34d24bbd3af_JaffaCakes118

Files

3ed94a66ca15b9910399d34d24bbd3af_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1aa9e63be0736c0f4ea9f3d822eb5912

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
CreateMutexA
EnumResourceLanguagesA
ExitProcess
GetACP
GetCommandLineA
GetModuleHandleA
GetOEMCP
GetPrivateProfileStringA
GetStartupInfoA
GetSystemDirectoryA
GetWindowsDirectoryA
Module32Next
OutputDebugStringA
ReadFile
SetLastError
SleepEx
VirtualAlloc
VirtualAllocEx
VirtualFreeEx
lstrcpynA
lstrlenA

msvcrt

_XcptFilter
__getmainargs
__p__commode
_except_handler3
exit
isdigit
printf
strpbrk
time
wcscmp

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ