3af6bbd455dfe4081c940f8ac9497e70_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3af6bbd455dfe4081c940f8ac9497e70_JaffaCakes118
Size

6KB
MD5

3af6bbd455dfe4081c940f8ac9497e70
SHA1

0f7b966ada72051938664c0e7bbcb2ac961bd7ee
SHA256

bcadece72086b7ab6afba85b3adc61b76c8f7802835eb62a610a9a7fa4a88190
SHA512

cd9122012292bf55534b9b29847abbba54cec2693327f2f1ce7c1ca9d71b2505b9717cf91a2bf0724540bd686caa12d36d8b7b642648f7629f52e334c2aa6352
SSDEEP

96:mEOg3jziiMl2QrcH1HTmcAEyoIBwel4599thH3X3XpX32Kxuw28EVi33sj:0iMl2rJKbEdez+5DH3X3Xp2KA7q30

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3af6bbd455dfe4081c940f8ac9497e70_JaffaCakes118

Files

3af6bbd455dfe4081c940f8ac9497e70_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5dd9906108352cb7d1c32b17e1420178

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumDateFormatsA
GetCommandLineW
GetPrivateProfileSectionNamesA
GetAtomNameA
OpenWaitableTimerA
GlobalGetAtomNameW
GetStringTypeExW
OutputDebugStringA
UpdateResourceA
SetVolumeLabelW

user32

SendMessageCallbackW
CharToOemBuffW
IsCharLowerA
WinHelpA
GetDlgItemTextW
EnumDisplaySettingsExW
EnumDisplaySettingsW
GetWindowTextLengthA
SendMessageA
RemovePropA

gdi32

GetCharWidthFloatA
GetObjectA
ResetDCA

Sections

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.icode
Size: 1024B - Virtual size: 820B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.��
Size: 1024B - Virtual size: 756B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ