35d5874b978fd3307c5f0427d9f8770f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

35d5874b978fd3307c5f0427d9f8770f_JaffaCakes118
Size

391KB
MD5

35d5874b978fd3307c5f0427d9f8770f
SHA1

152d8cab2b8287960e74c4aa407876c4d561c576
SHA256

4d532adc27a0c96a8b254f60082199e9cc3791fa910fd095e8966d7812256fa7
SHA512

054359d617273a29f001f05947725725e30cd415184ef3c426db6c6fa70d4ffb452ea80ff8a85aba89499bc70b207d0ee1f468e4f0b969547073a2684a05b74f
SSDEEP

12288:VFCRMmHEAJLjpFv6w2K/PkFtlVMHFWg1EOfoMzCc3Sa0n:KRMmkAJLjpFvN/ytkjEOfoMWN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35d5874b978fd3307c5f0427d9f8770f_JaffaCakes118

Files

35d5874b978fd3307c5f0427d9f8770f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

37e8d184681dd3f65d79420118cd3ae9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadStringPtrW
GetPrivateProfileStringA
FindClose
GetCurrentProcessId
lstrlenW
ReleaseMutex
GetFileTime
GetDriveTypeA
CreateEventW
HeapCreate
LoadLibraryW
LocalFree
ReleaseMutex
GetCurrentThreadId
GetEnvironmentVariableW
InitializeCriticalSection
WriteFile
TlsGetValue
FindAtomA
GlobalFlags

user32

DrawTextA
IsWindow
EndDialog
DispatchMessageA
CreateWindowExA
GetSysColor
GetKeyboardType
CallWindowProcW
SetFocus
DrawStateW
GetClientRect
GetClassInfoA
GetSysColor

rastapi

DeviceDone
DeviceDone
DeviceDone
DeviceDone
DeviceDone

cryptui

LocalEnroll

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 381KB - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ