7c3b5f63ff506b5f98cc0d43d7c3ced6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7c3b5f63ff506b5f98cc0d43d7c3ced6_JaffaCakes118
Size

614KB
MD5

7c3b5f63ff506b5f98cc0d43d7c3ced6
SHA1

358567e4e22b20420abc9cf98417b25e65502a16
SHA256

3d66c0122f5214730b43181e8c8a83a4189d7ec1ce4bfdb76c9a6c61fab486df
SHA512

5ed0d5c141672b1587d6ebe45e27d67f5f3cb9e6241ef08319a469952809158dd8dc7e841e5cb7ced102b3bb5f0e3b59a60e8b32e03a6b90e870bf9a5275f8d4
SSDEEP

12288:zXWCg8VQBTC3TDyyPHun18AMBHPclpDmDk1rU22K5aNkF7bn1nJhTCXB4glnsWM:TWHADDPHuaAMBvcl1trU2Q8dnJpE6ghi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Auto-Rechnung-4330956889458-824894602045351783.com

Files

7c3b5f63ff506b5f98cc0d43d7c3ced6_JaffaCakes118
.zip
Auto-Rechnung-4330956889458-824894602045351783.com
.exe windows:5 windows x86 arch:x86

85a58b7810eddf2faa5da378f9533402

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileA
LoadLibraryA
OpenMutexA
OpenFileMappingW
CreateFileW
SetLocalTime
LoadLibraryW
GetCurrentThreadId
GetFileAttributesW
ReadFile
IsBadStringPtrW
GetSystemTimeAsFileTime
VirtualQuery
CreateSemaphoreA
HeapCreate
CreateProcessW
GetCommandLineW

user32

IsCharLowerA
GetMessageW
IsDialogMessageA
LoadBitmapA
DrawStateW
LoadIconA
DispatchMessageW
CharToOemW
wsprintfA
GetPropW
CreateDesktopA
InsertMenuW
FindWindowExA
GetDlgItemTextA
DialogBoxParamA

ctl3d32

Ctl3dRegister
Ctl3dUnregister

Sections

.text
Size: 630KB - Virtual size: 629KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rep
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.rscr
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_WRITE