f3ff9b945ae696590434d3b46308cfd5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f3ff9b945ae696590434d3b46308cfd5_JaffaCakes118
Size

43KB
MD5

f3ff9b945ae696590434d3b46308cfd5
SHA1

c5357247f6a74139c5fc0f2c47348b3bdcb5770d
SHA256

6b484e64d886a63cf7ed19eaf2d69bbc6689c680e63bf4fa211ef39da8eac5b4
SHA512

a16e103dbec72f61d87e00930b62243b7cb403f6f7b00466dac3ccea1269526e13d417f9075ffac76f3f04d795be7378dbcf167d337c642663000adabb19e0b9
SSDEEP

768:zFVnWfxQ57oXYxsk/3GMe005klN2r+ZgMAyBzTZcW88DgKB9:hNAxQwMe005oNd+6B9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f3ff9b945ae696590434d3b46308cfd5_JaffaCakes118

Files

f3ff9b945ae696590434d3b46308cfd5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3c9ec36feb924dcc5cd226362b513942

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
FlushFileBuffers
InterlockedExchange
OpenSemaphoreA
GetEnvironmentStringsA
HeapDestroy
GetExpandedNameA
GetTimeFormatA
GetCurrentProcess
DeleteAtom
GetCurrentThread
GetThreadPriority
IsDebuggerPresent
GetACP
HeapCreate
LoadLibraryA
VirtualProtect
FormatMessageA
GetStdHandle
GetCurrentProcessId
WriteConsoleA

user32

IsIconic
GetWindow
GetDlgItem
GetParent
EndPaint
DrawTextA
GetClassNameA
FillRect
ReleaseDC
wsprintfA
BeginPaint
GetCursorPos
SetForegroundWindow
SetActiveWindow
FrameRect
ValidateRgn
GetFocus
ShowWindow
GetWindowTextLengthA

advapi32

RegQueryInfoKeyA
RegFlushKey
RegEnumKeyA
RegCloseKey
RegCreateKeyA

uxtheme

GetThemeSysFont

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 708KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ