3494dab04b636be7f6cb9201dff21e13_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3494dab04b636be7f6cb9201dff21e13_JaffaCakes118
Size

181KB
MD5

3494dab04b636be7f6cb9201dff21e13
SHA1

0e5cd4d62743bf05fe6f8296b3e34e479da48f61
SHA256

22a12ae9356fd23ad260ab74a2317115b1fb2a834ee36eb74c6d3b9fee031d12
SHA512

8915c4ea07883205883369f331936a0591cef0962744de9c9c3d3fadbe844383a9016357c5076728707651386837a5b46ad417aa41731c982b68cc5b839c32a7
SSDEEP

3072:bzzmBkZO5EOoyFpUNe0trbCbTthJ1b8xZb64/1c/pNXwGL5KZ3UleDRzL:zmcZGJ0dynkxZb6O2LXwKcnR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3494dab04b636be7f6cb9201dff21e13_JaffaCakes118

Files

3494dab04b636be7f6cb9201dff21e13_JaffaCakes118
.exe windows:5 windows x86 arch:x86

58c3a9e187981af536989990826c7075

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

L:\rTsyXYsN\ykdkr\IdvPEuwt\mUOc.pdb

Imports

gdi32

GetDeviceCaps
CreateBrushIndirect
GetBitmapBits
CreateDIBSection
RemoveFontResourceW
RealizePalette
GetLayout

user32

SetWindowLongW
InsertMenuW
GetMenuItemRect
DialogBoxIndirectParamW
PeekMessageA
GetScrollPos
GetWindowLongA
GetWindow
ShowWindowAsync
VkKeyScanW
GetClassNameW
MapDialogRect
RemoveMenu
OpenDesktopW

kernel32

GetTimeZoneInformation
GetProcAddress
VerSetConditionMask
HeapSize
MulDiv
lstrcmpiW
GetOverlappedResult
LoadLibraryW
SetFileTime
GetComputerNameW
FindClose
GetExitCodeThread
FreeResource
GetThreadLocale

Exports

Exports

?rrkIInj@@YGXPAKJ@Z
?IpsmqGRhYXmqgRxzmsoX@@YGPAGPAJ@Z

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 1024B - Virtual size: 643B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 141KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ