3ee92b2f626f3cfbdcc3703f689650ff_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ee92b2f626f3cfbdcc3703f689650ff_JaffaCakes118
Size

86KB
MD5

3ee92b2f626f3cfbdcc3703f689650ff
SHA1

54793369b8dff75dd5a6b4e6cd5d8ada8d53b05e
SHA256

ea2533abd6b570fa4aa6a073beab481c464163c14bf138b0fd6221e0f3e2241c
SHA512

65aca0c39edbdddb97a782bd85d77a4491d62f39f52b053eaca665ada4a7175148e00f9b2da5e81ff2c5b8692432b075c8175a9dfddb6b7b22b1a13735277e38
SSDEEP

1536:6MMqLTxb/GMsgyu9s151bNcxVx1MYQzNn88fTwaGzFFdIq0AGb5e:6MJP9/GaGFhcvx5++8CzFFdr05E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ee92b2f626f3cfbdcc3703f689650ff_JaffaCakes118

Files

3ee92b2f626f3cfbdcc3703f689650ff_JaffaCakes118
.exe windows:5 windows x86 arch:x86

58f7dc27dbdd152316585e9856e3d70f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
ExitProcess
SetPriorityClass
VirtualProtect
SetLastError
GetStartupInfoA
GetModuleFileNameA

user32

BeginPaint
GetUserObjectInformationA

Exports

Exports

CreateUvutbsiaxv
GetKelugeko

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rcode
Size: 544B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata1
Size: 68KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ