34c1c8e802d00e29f83d4a3c209fb99c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

34c1c8e802d00e29f83d4a3c209fb99c_JaffaCakes118
Size

44KB
MD5

34c1c8e802d00e29f83d4a3c209fb99c
SHA1

e2089ba62aa64fc28e6ecfa602f0afd5fe2c7383
SHA256

138ecf24eae50b717c02aa4a3b81ee308e46b8a1988a39c5b090dfd0e8b4f1f6
SHA512

4f9703aec9dbcdced7226e3b04f6b9936adb9458af5e1965b4c5e49df24d3633efb930e1ee50b195f78b62aead3a0f55baad71b5f9203f0bb7c19c422ddc924a
SSDEEP

768:QiJ9x85MrmIGM9DwciwZBlFhXTwHG4XC8pFrvsZdfS1bband:TJ2IeMVbiwZrbTwHG4XC8ToZAand

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34c1c8e802d00e29f83d4a3c209fb99c_JaffaCakes118

Files

34c1c8e802d00e29f83d4a3c209fb99c_JaffaCakes118
.exe windows:3 windows x86 arch:x86

745a1db286d13c781467223fd4c97f98

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCurrentDirectoryA
VirtualAlloc
IsDebuggerPresent
GetDiskFreeSpaceW
lstrcpy
GetVersion
GetStartupInfoW
GetEnvironmentVariableW
OpenEventA
GetModuleHandleW
GetLongPathNameW
lstrcpyA
GetAtomNameA

user32

RegisterHotKey
GetMenuItemInfoA
GetKeyboardType
EndPaint
IsDlgButtonChecked
SetWindowRgn
InvalidateRect
IsIconic
OffsetRect
CreateDialogParamW
ShowCaret
wsprintfA
SetScrollPos
GetDlgItem
GetCapture
EnableWindow
RegisterClassA
CloseWindow
EnumWindows

gdi32

CreateDCW
CreateBitmap
StretchBlt

advapi32

RegRestoreKeyW

comdlg32

FindTextW

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ