3ad2bf766e309ffdb33f72028fbcf1ee_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ad2bf766e309ffdb33f72028fbcf1ee_JaffaCakes118
Size

350KB
MD5

3ad2bf766e309ffdb33f72028fbcf1ee
SHA1

23b90073de1ff976038e037927a38373fdd7dda9
SHA256

1aef7cf32e2f7ab09bc51883a4040136c70f0dc36ce8c54a5b485eeb44031387
SHA512

3f85690f148c585e8efc968d82627846f500a5e3f368216c7e853910e77a9e33bb53d78fe3b38f1a8d6508469cef07538637dad2c41bc7b24a7e9141d9da5c55
SSDEEP

6144:V3dJ1PQUfzSu6B53YZzaAcmjkZvXxxQILGQZO0k0vVIUtj:1H1IPrezsvXxpN2O3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ad2bf766e309ffdb33f72028fbcf1ee_JaffaCakes118

Files

3ad2bf766e309ffdb33f72028fbcf1ee_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9eeaf1d31d8aa2b0fcdbcbf4999f38de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetACP
lstrlenA
HeapReAlloc
InterlockedExchange
GetConsoleCP
GetAtomNameA
TlsFree
GlobalUnlock
GetProfileIntA
WaitForSingleObject
GetVersion
VirtualProtect
GetStdHandle
LoadLibraryA
FindAtomA
CompareFileTime
HeapWalk
CloseHandle
TlsGetValue
GetTickCount

user32

SetPropA
GetKeyboardLayout
MessageBoxA
GetWindowTextA
EnableScrollBar
DialogBoxParamA
CopyRect
ModifyMenuA
CreateCaret
DispatchMessageA
ShowWindow
GetMenu
EqualRect
GetDlgItem
InsertMenuA
GetMenuStringA
GetScrollRange
TranslateMessage
UpdateWindow
PostMessageA
DestroyMenu
SetWindowPos
LoadIconA
SubtractRect
InflateRect
PaintDesktop

msi

MsiEnumProductsA
MsiGetMode
MsiCloseHandle
MsiDoActionA
MsiEnumClientsA

ws2_32

WSAAccept

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 516KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ