3ac83c56acba553277a397b8da737a50_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ac83c56acba553277a397b8da737a50_JaffaCakes118
Size

64KB
MD5

3ac83c56acba553277a397b8da737a50
SHA1

11c6717b00c7295b64c0d8dcd2e854b091425718
SHA256

b59739b2291e50b481a5fc60ca9054bbd74147f13c8adc102e065c4b3a7fb4c6
SHA512

0ecbd26121cbeb7f54b7fe4066a7af128f6f2c41a2d2c6d125754ae5e43368dce24e4a07d5fbf045f643288fb12faa6af476872312efe08202406d3e3bf5b1df
SSDEEP

1536:sUf/T5PLlaLm6tYBDDUYfEkzRxUsTMuZOVvm7QT8PaB5:sEbpD6KBXjEAwuZOVvwM5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ac83c56acba553277a397b8da737a50_JaffaCakes118

Files

3ac83c56acba553277a397b8da737a50_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aa0886995d5d779eefca8a5d5be46596

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
GetModuleHandleA
GetFileTime
VirtualProtect
SetFilePointer
SetEvent
HeapReAlloc
WideCharToMultiByte
VirtualAlloc
CloseHandle
SetFileTime
lstrcatW
FindClose
lstrlenW
lstrcpyA
FindNextFileW
CreateMutexW
FindFirstFileW
GetFileSizeEx
CreateFileA
GetFileAttributesA
OpenMutexW
GetModuleFileNameW
GetTickCount
InitializeCriticalSection

shlwapi

SHDeleteKeyA
PathCombineW
wnsprintfA
PathFindFileNameW
wnsprintfW
StrStrW
PathMatchSpecW
wvnsprintfW

advapi32

CryptGetHashParam
CryptCreateHash
GetUserNameW
DuplicateTokenEx
RegEnumKeyExA
CryptAcquireContextW
CryptReleaseContext
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA

user32

CloseWindowStation
GetDlgItemTextA
GetWindowLongA
GetForegroundWindow
GetWindowThreadProcessId
SetProcessWindowStation
SendMessageA
GetCursorPos
EndDialog
GetKeyState
DispatchMessageA
GetDlgItem
OpenWindowStationA
GetIconInfo
CloseDesktop
GetClassNameA

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE