Static task: static1
Behavioral task: behavioral1
  Sample: 3670731e4857e210244710aba486fbcd_JaffaCakes118.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: 3670731e4857e210244710aba486fbcd_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
General
Target: 3670731e4857e210244710aba486fbcd_JaffaCakes118
Size: 204KB
MD5: 3670731e4857e210244710aba486fbcd
SHA1: 036a23ec23f2397e9da1cc4039e497de1441a0a7
SHA256: 7eb4e7ad82adaec8d58ce30464f582a3ea6c47f9858ebc76d19bbbeddc8e6337
SHA512: ecf2152c9c9aecf137f00347fcadb3708572200cf01f0274bba690532dd55ab58ff29bf3cccbfc747c989c2b9e184a2666837773e27f4a8bf3af99d64f7a5576
SSDEEP: 3072:xnufiotjaDO3e+B2/7YDLhxD0fWrrEGisav8ZaUPcPqe95:x4LtjasB+7Y3OWrriv8ZN2
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3670731e4857e210244710aba486fbcd_JaffaCakes118
Files
-
3670731e4857e210244710aba486fbcd_JaffaCakes118.exe windows:4 windows x86 arch:x86
bbbf0cb9b810ea0ca152dd825173992a
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
InitializeCriticalSectionAndSpinCount
InitializeCriticalSection
WriteConsoleOutputCharacterW
LeaveCriticalSection
Module32Next
TryEnterCriticalSection
VirtualAllocEx
GetLocaleInfoA
ReleaseMutex
GetCPInfoExA
SetComputerNameA
GetComputerNameExA
advapi32
CredGetTargetInfoW
opengl32
glTranslatef
ntdsapi
DsCrackNamesW
user32
ChildWindowFromPointEx
DlgDirListComboBoxA
GetWindowTextLengthA
ChildWindowFromPoint
gdi32
CreateCompatibleBitmap
CreateCompatibleDC
secur32
TranslateNameW
Sections
.text Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 14KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 126KB - Virtual size: 125KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 60KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ