3f91c0b47243f9ec37d8fa7fd6c3aecd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3f91c0b47243f9ec37d8fa7fd6c3aecd_JaffaCakes118
Size

403KB
MD5

3f91c0b47243f9ec37d8fa7fd6c3aecd
SHA1

6e675ffda0e1b5299d81e4051eb2ff60db475a97
SHA256

cca175dd1dd1ee8158e88187d78339d9f70c5dc5dbb0cd4f474c0718d875fc6b
SHA512

9e4be94e1ff4771e8fd568dd27466c403fb92c90f1073951a0f9f6f4a56dbe0437c3ed080a82860c1eb6fd6d83e1d53cb177a7f0c238113c4d146282393718a5
SSDEEP

6144:Dgco2dBEJvtTPsYrcyQJgPTc3Tv7zK367AVC:DgWdBEJvt/LZ7Q7uqcVC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f91c0b47243f9ec37d8fa7fd6c3aecd_JaffaCakes118

Files

3f91c0b47243f9ec37d8fa7fd6c3aecd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0a215c0a1f0c6d49197ff704d51eeece

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
VirtualAlloc
FlushFileBuffers
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetACP
GetCPInfo
GetEnvironmentStrings
GetEnvironmentStringsW
GetFileType
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetStringTypeA
GetStringTypeW
GetSystemInfo
GetCommandLineW
HeapCreate
HeapDestroy
InterlockedExchange
InterlockedIncrement
LCMapStringA
LCMapStringW
LoadLibraryA
LoadLibraryExA
MultiByteToWideChar
RtlUnwind
SetFilePointer
SetHandleCount
SetStdHandle
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WideCharToMultiByte
HeapAlloc
CreateFileW

user32

LoadIconA
LoadCursorA

advapi32

RegOpenKeyW

Sections

.text
Size: 326KB - Virtual size: 326KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

2
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ