3b56e24251ecc1193792ea18a7eeb340_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b56e24251ecc1193792ea18a7eeb340_JaffaCakes118
Size

800KB
MD5

3b56e24251ecc1193792ea18a7eeb340
SHA1

bfe55a334f19b4dfbdbf3605d4d5bc9fc58e6756
SHA256

af3a03e8ca4aba9162d034cdd0d83f401397be5bcd1d5509ff6379f37d6cd9ec
SHA512

b8f095bceb735dd137f774d8a564e108596ffbb1fdc5350c6094a87555f5e508a0dc386619acecc53cddcfc09951844d5058d600a03627e949ac99018dd25fc0
SSDEEP

24576:1LSfr0P9khNDwQkotwSgEH5L4+n689S+:m4PKbHhtwSgUe+6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b56e24251ecc1193792ea18a7eeb340_JaffaCakes118

Files

3b56e24251ecc1193792ea18a7eeb340_JaffaCakes118
.exe windows:5 windows x86 arch:x86

beceaf248ae72643b8af497e7df41632

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

TlsGetValue
GetTickCount
HeapFree
GetFileAttributesA
GetStringTypeA
IsValidCodePage
GetLocaleInfoW
GetModuleHandleA
MapViewOfFile
GetFileAttributesA
VirtualProtect
RemoveDirectoryW
CreateDirectoryW
SetLastError
LocalLock
GetCurrentProcess
FindClose
FindResourceW
IsBadWritePtr
GetExitCodeThread
GetDriveTypeW

user32

LoadImageW
IsDialogMessageA
GetWindowTextW
DispatchMessageA
LoadCursorA
LoadStringA
IsWindow
SetCursor
PeekMessageW
SetFocus
wsprintfW
PostMessageW
GetWindowLongW

msctf

DllUnregisterServer
DllUnregisterServer
DllCanUnloadNow
TF_InitSystem

rasapi32

DwRasUninitialize

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 699KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 789KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.import
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE