3409e1b8c09f03d770a08a1c4b94f9f6_JaffaCakes118 | Triage

Sharing

General

Target

3409e1b8c09f03d770a08a1c4b94f9f6_JaffaCakes118
Size

41KB
MD5

3409e1b8c09f03d770a08a1c4b94f9f6
SHA1

919aee3c57cae3e072b6832c445f0fad220db446
SHA256

39870553a77137f7fc70d24697ce43f73b029f5094a07c955f99115d12eb173d
SHA512

2e4440e50a291a6cb49b2b20a848bf6579071cfd1952e1ff155a9ad539dc93975312f34bb66e26edc857af7591aa8669012c67b2fe9b85719e7f6d1c756f9156
SSDEEP

768:jOQRoytS1Jex+65b6bE/jaQQlq3Pl06yopdYkJOvpLONii6Q7asQbQk+vtO4nvFN:wOS1JeY65TraQQlaeXanIHpbb+vI4nb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3409e1b8c09f03d770a08a1c4b94f9f6_JaffaCakes118

Files

3409e1b8c09f03d770a08a1c4b94f9f6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

361939927697fc29a0b95bed16b474aa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
DeviceIoControl
ExitProcess
FindResourceA
FreeEnvironmentStringsA
GetACP
GetCommandLineA
GetConsoleCP
GetDriveTypeA
GetModuleHandleA
GetOEMCP
GetPriorityClass
GetStartupInfoA
GetTickCount
GetUserDefaultLCID
HeapAlloc
HeapCreate
HeapReAlloc
InterlockedDecrement
InterlockedIncrement
IsValidLocale
MultiByteToWideChar
OpenEventA
RtlUnwind
SetEvent
SetLastError
SetUnhandledExceptionFilter
VirtualFree
lstrcmpA

msvcrt

__p__commode
__p__fmode
__set_app_type
_exit
exit
fwprintf
__getmainargs

user32

BeginDeferWindowPos
DefDlgProcA
DeferWindowPos
GetUpdateRgn
GetWindowPlacement
LoadIconA
RedrawWindow
SetFocus

winmm

sndPlaySoundA
timeEndPeriod
timeGetTime
waveOutGetNumDevs
mmioSetBuffer

Exports

Exports

DrawTextWCP_ME
VersionNumberUCScribe

Sections

.text
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ