03b3c3f09b440f218256ec203fdb80a4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

03b3c3f09b440f218256ec203fdb80a4_JaffaCakes118
Size

274KB
MD5

03b3c3f09b440f218256ec203fdb80a4
SHA1

3cb885136f88c40b28ffb7493159ea0ab3b620b6
SHA256

af2db588ce2b08a82cd87717c78b722a0c13baf1ac900ebf3796d2abe9669595
SHA512

45c12a142ba4e21114e547f70a3db965c9c4ecdd4f4326ff34c37272883569a124c981ca97d316c43e90cd1e6c10dde99ff25b17dd0111e2a67897ceca4f584c
SSDEEP

6144:Z8irGLMidD1RW1LT687kjxWB2EQYwrpFUoUUlCz9mtRDJEBCjDywHkQ:6HMidJRWX7koB2EDwLUxUw5e5JhHt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03b3c3f09b440f218256ec203fdb80a4_JaffaCakes118

Files

03b3c3f09b440f218256ec203fdb80a4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7decf368add21fcde17303786e8c5c57

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
HeapCreate
CreateFileW
LoadLibraryW
CreateThread
GetModuleHandleA
Sleep
GetCurrentThreadId
GlobalUnlock
lstrcpyA
lstrlenA
ResetEvent
CloseHandle
GetCurrentDirectoryA
LocalFree
FindClose
PulseEvent
GetSystemTime
UnmapViewOfFile
GetComputerNameA

user32

DispatchMessageA
SetFocus
CheckRadioButton
DrawEdge
IsWindow
CreateIcon
CallWindowProcA
CreateWindowExA
GetDC
FillRect
GetDlgItem
DrawMenuBar
GetCaretPos

cryptui

CryptUIDlgCertMgr
CryptUIDlgSelectCA
WizardFree
LocalEnroll
CryptUIDlgSelectStoreA

appwiz.cpl

ConfigStartMenu

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 234KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ