340c71eaa5bd4b8741777801b11d22d4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

340c71eaa5bd4b8741777801b11d22d4_JaffaCakes118
Size

312KB
MD5

340c71eaa5bd4b8741777801b11d22d4
SHA1

fc0edf6a053a92fbaa00dbf08166ff275688cde4
SHA256

6888196c47ccc9abfc6488228478bfe9bb3d369f5a8293ae5b90ed1c8c72e680
SHA512

3a2cd48159ff96416c4e6af1867a7f8a72c83b419e3613211cdc6bb10b52afe70c6fd7d624cc0744e6b509ddec31649134925f23ac9190c3d5ed4e15ce9a1796
SSDEEP

6144:uZi+WewfBUvNFz4o4+MymM552Yn1rMRMUN+zaRtACBZyD7J2sn:ai+WekwD4Nryt/XUUXYIxFn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
340c71eaa5bd4b8741777801b11d22d4_JaffaCakes118

Files

340c71eaa5bd4b8741777801b11d22d4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2cbe017e025b169cdeb7575c689b28c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLangID
GetConsoleCP
GetPriorityClass
GetStdHandle
ReleaseMutex
GetThreadLocale
GetModuleHandleA
SetEvent
VirtualAlloc
GetProcessHeap
CompareStringA
GlobalFindAtomA
LoadResource
TlsFree
CreateThread
LocalAlloc
TlsGetValue
GetVolumeInformationA
GetOEMCP
OpenSemaphoreA
IsDBCSLeadByte

user32

DrawTextExA
ValidateRect
CloseWindow
InvalidateRect
ReleaseDC
GetFocus
IsIconic
GetSystemMetrics
GetDC
GetWindow
GetClassInfoExA
IsWindowVisible
ShowWindow
GetWindowTextA
GetWindowTextLengthA
GetForegroundWindow
GetClassNameA
GetActiveWindow
RegisterClassA

shell32

SHChangeNotify
SHBrowseForFolderA
SHGetMalloc
SHGetFileInfoA
SHGetFolderPathA

userenv

LoadUserProfileA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ