3252e06d51eaa34556dbfeac874cdd63_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3252e06d51eaa34556dbfeac874cdd63_JaffaCakes118
Size

637KB
MD5

3252e06d51eaa34556dbfeac874cdd63
SHA1

4d6d150c26611fa7057646dd751676aa04648d25
SHA256

caaa996e944376e3955582d8806ff25839cd25929287345636067911e93b89ce
SHA512

73c53c01b5f3905fbd2a2e439e9816030893ec6fb4811021fb53032d283bc8e0879b0dcf92992f378e65482709baeae593f86fb1d0e69b63add17ac635ffa7c6
SSDEEP

12288:QhBs+1Dt0keMxURF24NT55rMAj/K0O9gtYt71nb5IMGIyBmzdg7:QA+1DtCZNNxMAj/KDatYRYIym67

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3252e06d51eaa34556dbfeac874cdd63_JaffaCakes118

Files

3252e06d51eaa34556dbfeac874cdd63_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3fcec93eb65090d584920a01f1d192ab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTapeStatus
VirtualProtect
GetModuleHandleA
GetSystemTime
HeapDestroy
GetTimeFormatA
InterlockedExchange
GetCurrentProcessId
IsDebuggerPresent
GetACP
ResumeThread
HeapCreate
GetOEMCP
FreeConsole
GetUserDefaultLCID
LoadLibraryA
PeekConsoleInputA
GetCommandLineA
GlobalMemoryStatus
WaitForSingleObject
GlobalSize

user32

DrawTextA
DragDetect
GetCursorPos
FrameRect
CreateIcon
AnyPopup
GetWindow
ReleaseDC
GetParent
GetTitleBarInfo
ShowWindow
GetClassNameA
GetDC
GetFocus
EndPaint
BeginPaint
wsprintfA
FillRect
SetForegroundWindow

atl

AtlModuleInit
AtlGetVersion
AtlUnadvise
AtlModuleTerm
AtlAdvise

msutb

GetPopupTipbar

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ