Static task
static1
Behavioral task
behavioral1
Sample
3256d8e3d7f8b436be00ab403e42aa7c_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
3256d8e3d7f8b436be00ab403e42aa7c_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target: 3256d8e3d7f8b436be00ab403e42aa7c_JaffaCakes118
Size: 775KB
MD5: 3256d8e3d7f8b436be00ab403e42aa7c
SHA1: 39b2508d9ea0837ed3eb02911c034ce9d37b1ed6
SHA256: 775bc2fa9a4d8ebe1ba46c8bf9059f608ed90b636e9f3a9df09decda577ab87c
SHA512: 0969c363229786ecc68b18583678c5c9955455272fcbb6f701ef9693bb1a2e8d3263bf68b453feab648dc9721539d4fb38c39aa8d92340d9bc2b0e33d36146ef
SSDEEP: 24576:CFHA/O63gWYBmC/6JdW+Er29Rxkds4HIaa2:Ct0tC/ufo29RxkdfHIT2
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 3256d8e3d7f8b436be00ab403e42aa7c_JaffaCakes118
Files
3256d8e3d7f8b436be00ab403e42aa7c_JaffaCakes118.exe windows:4 windows x86 arch:x86
61a44d6cf22465c280c858a5c5b5f1a6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpyA
GetCommandLineA
CreateFileW
TlsGetValue
GlobalFree
UnmapViewOfFile
GetCurrentThreadId
GetEnvironmentVariableA
SetLastError
GetComputerNameA
LoadLibraryExW
lstrlenA
CreateProcessA
FindResourceW
Sleep
PulseEvent
GlobalUnlock
CloseHandle
HeapCreate
GetModuleHandleA
user32
DispatchMessageA
GetCaretPos
FillRect
CreateIcon
CreateWindowExA
DrawEdge
CallWindowProcA
SetFocus
GetDlgItem
CheckRadioButton
GetDC
IsWindow
DrawMenuBar
rsaenh
CPDecrypt
CPSignHash
CPGenKey
CPHashData
CPDeriveKey
msasn1
ASN1BERDecEoid
Sections
.text Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 765KB - Virtual size: 768KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE