3f7d05a1c628e16da66e331b63aa2e33_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3f7d05a1c628e16da66e331b63aa2e33_JaffaCakes118
Size

28KB
MD5

3f7d05a1c628e16da66e331b63aa2e33
SHA1

95b858f1ccd08a354e8bee18bb1e150e4bb237c2
SHA256

b5babe5b7002831d0fe9c8793f0a8724bd5a92ff5d5a997fc55e017eb3808bad
SHA512

f845f977b1d9b07e7bdc6c56e93b6d0167b6f7e3270abe4cfd4d99fa30464381de53437acbf2a42736dcbe2fa07c4cbb847ec06ce196d974bb97e5ea9ad9ab1a
SSDEEP

192:1jUF1d64pIXY583SPKeKIJt/mEP5BUvC51Cd0KJGRdmch6Sq:1jU564pIXYG31eKIJtbPp1Cd0KJGA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f7d05a1c628e16da66e331b63aa2e33_JaffaCakes118

Files

3f7d05a1c628e16da66e331b63aa2e33_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d61093202688251fb4acf76018398da1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
_initterm
strncmp
strncpy
malloc
free
modf
_ftol
atoi
sprintf

kernel32

VirtualProtect
LCMapStringA
CreateFileA
GetFileSize
ReadFile
CloseHandle
IsBadReadPtr
HeapFree
HeapAlloc
ExitProcess
GetProcessHeap
FreeLibrary
OpenProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress
lstrcpynA

user32

wsprintfA
MessageBoxA

Exports

Exports

close
protect

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 632B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 402B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ