3055c35af1ce414d869fd2a2ac32d1b8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3055c35af1ce414d869fd2a2ac32d1b8_JaffaCakes118
Size

16KB
MD5

3055c35af1ce414d869fd2a2ac32d1b8
SHA1

1a89c1e0484bc3540687bd2f77a49648c43bc7eb
SHA256

b076aaf1b6abd0b01390d2af6108092910e7f266f1f57be2762ac4960428f41f
SHA512

76aa101b5acf0cea0fd422879769213dfa805771aa62d052410736d7def99e7c9a374177e2a6da8e50b2536cef90d142fa2b8dbe523f023b28372147d81414ec
SSDEEP

96:/lCRteQjJvY/TcvtJniAlVZLD0WBJ27nIX2jPtboynAO8eH3k10tv:/cRVpY/Tc/nBJ27nIXWP1oynbvk4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3055c35af1ce414d869fd2a2ac32d1b8_JaffaCakes118

Files

3055c35af1ce414d869fd2a2ac32d1b8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

70b88f4e3ad1e8dea7b9831e946a7e1c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileAttributesA
CopyFileA
DeleteFileA
GetSystemDirectoryA
LoadLibraryA
WinExec
GetLastError
CreateMutexA
GetStartupInfoA
GetModuleHandleA
GetModuleFileNameA
GetProcAddress

user32

CreateWindowExA
ShowWindow
UpdateWindow
DispatchMessageA
LoadCursorA
GetSystemMetrics
LoadImageA
TranslateMessage
GetMessageA
RegisterClassExA
DefWindowProcA
LoadIconA

gdi32

GetStockObject

shell32

ShellExecuteA

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
strstr
fclose
fprintf
fopen
fwrite
sprintf
fread
??2@YAPAXI@Z
ftell
fseek
_exit
_XcptFilter
exit
_strlwr

shlwapi

SHSetValueA
SHGetValueA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 440B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE