3fcc6f4d8d457d705364691d637064e4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3fcc6f4d8d457d705364691d637064e4_JaffaCakes118
Size

83KB
MD5

3fcc6f4d8d457d705364691d637064e4
SHA1

15a4e7e12897c8906688da306b5229bec6ea9655
SHA256

19e7a640d0e2b1f85a9073ce6ebadd0400dd59ed896d39dcac9967085ab979d0
SHA512

e3f180fc6728b6a5b52642571c405764aef705f85030d9d2fa372877b9e8b0a0ae39ccdfe359275e5afad935216518cd305d1253541102e4eed3c6dada2e573a
SSDEEP

1536:sq+2ruDBFsekQELXs4jjcJgeVUykh0gl1CNxSzdkaHVbjEErxTWDTMqhGKYIZTEP:QoekQIbfcnV60OC8dka1bjBkMqhGKZTE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fcc6f4d8d457d705364691d637064e4_JaffaCakes118

Files

3fcc6f4d8d457d705364691d637064e4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

308d0dca69ed58dd1265895513a875cc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextVolumeW
SetLastConsoleEventActive
GetConsoleAliasesW
IsDBCSLeadByteEx
GetFirmwareEnvironmentVariableW
MoveFileA
SetDllDirectoryW
GetThreadLocale
ReadFileEx
Process32First
SystemTimeToTzSpecificLocalTime

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE