3b14db907fc4bdcd1bdb2abc08ec2b53_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b14db907fc4bdcd1bdb2abc08ec2b53_JaffaCakes118
Size

636KB
MD5

3b14db907fc4bdcd1bdb2abc08ec2b53
SHA1

a900beb60b401c9b3ba9fe29a25851e8319c67b6
SHA256

91ae4baa31ade1ac33a6a26141f1729d6127b92c02462d46547807adc8f7d155
SHA512

3234d749c211afbf273e31ab8dbb436ebeac48d2a8324532b448bf07938ff1618d25947d89098f396e43da75e7278a24bf6976b9b7f6eff0ead5a8bb76defc55
SSDEEP

12288:JmFhr395JN/RHya7lDSyQIOBA5AmyG3sOOmUzCoS1vsIfjm:JIhfb/RSaxD5/OBA5AmyQsOtUmHlfj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b14db907fc4bdcd1bdb2abc08ec2b53_JaffaCakes118

Files

3b14db907fc4bdcd1bdb2abc08ec2b53_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6685d7579033fbf612fbb5051bc75bb4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
LoadLibraryExA
VirtualProtect
GetCommandLineA
WaitForMultipleObjects
CompareFileTime
GetVersion
ResumeThread
GetConsoleDisplayMode
SetLastError
GetTickCount
WaitForSingleObject
GetModuleHandleA
GlobalSize
HeapReAlloc
GlobalUnlock
GetConsoleCP
GetAtomNameA
HeapCreate
GetUserDefaultLangID
lstrlenA

user32

GetDC
GetTitleBarInfo
ShowWindow
CreateIcon
wsprintfA
GetParent
GetFocus
GetClassNameA
GetWindow
GetCursorPos
FrameRect
DragDetect
EndPaint
BeginPaint
DrawTextA
FillRect
AnyPopup
SetForegroundWindow
ReleaseDC

rastapi

PortClose
AddPorts
DeviceConnect
DeviceListen
DeviceDone

quartz

DllGetClassObject

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ