3ad9122557c748c0d404a55b21252505_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ad9122557c748c0d404a55b21252505_JaffaCakes118
Size

338KB
MD5

3ad9122557c748c0d404a55b21252505
SHA1

81ed397b12eb17c1a9e6dc42eaeefd80575f57fe
SHA256

8df0c26eba7546e365213dbe4a4d7e9f10974e9f8bc84c02f68815779104fb75
SHA512

9aa54a05240c3f51cb836549ace9c0713e193cd1e3b3abb9c7f7debcd833704dcd6a53ce3dedb1916a63dddb252bddb7f301de0552fba25dc88cc09c385fbd0b
SSDEEP

6144:+nc64DCtD752cycYt4Tl9HSw4T2xmEKhDYfJE9kfIy4jNYoZooqwNgk:+cdK75tHYt4rj4TCxDfIyUjodk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ad9122557c748c0d404a55b21252505_JaffaCakes118

Files

3ad9122557c748c0d404a55b21252505_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6cf785fe6efcf70b3aad80bb6fabe326

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDebuggerPresent
GetCurrentProcessId
GetEnvironmentStringsA
GetStdHandle
HeapQueryInformation
GetModuleHandleA
VirtualProtect
HeapCreate
CreateIoCompletionPort
GetACP
WaitForSingleObject
InterlockedExchange
GetCurrentThread
GetTapeStatus
LoadLibraryExA
GetTimeFormatA
GlobalMemoryStatus
GetLogicalDrives
GetProcessVersion
GetProcessHeap
HeapDestroy

user32

GetWindow
wsprintfA
FillRect
GetWindowTextLengthA
GetCursorPos
ReleaseDC
ShowWindow
EndPaint
SetActiveWindow
GetClassNameA
DragDetect
GetTitleBarInfo
BeginPaint
GetParent
DrawTextA
SetForegroundWindow
FrameRect
GetDlgItem
GetFocus

gdi32

CloseFigure
CreatePalette
GetClipBox
GetLayout
CreateBitmap

setupapi

SetupCloseLog

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 780KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ