3b39eb78e16d310e4577048b537c9141_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b39eb78e16d310e4577048b537c9141_JaffaCakes118
Size

28KB
MD5

3b39eb78e16d310e4577048b537c9141
SHA1

6c82417aa7fc2747b7338267a0582c3b3845caa0
SHA256

daa679aeac98cf1609180b72d246ef1999a06f5f96ef115c5e119931ec01514c
SHA512

500bf9bd0342589f158344a0d5e81531c2b497fd9ff2ee760c278541fa080ecbd09d1746ae8ef26e6a8b9da50d7567879aad3a51ed1b734e31ec708dbd710686
SSDEEP

768:qvryWvbt6GoMK+mP4fAtBI3HCFtPcP9R+UHCA+mo/db:01cMK+fYtB6+wop

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b39eb78e16d310e4577048b537c9141_JaffaCakes118

Files

3b39eb78e16d310e4577048b537c9141_JaffaCakes118
.exe windows:4 windows x86 arch:x86

130dbd876acf5d6c3afbf29faffae1ca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
EnumResourceLanguagesW
EnumResourceTypesA
ExitProcess
GetACP
GetCommandLineA
GetDateFormatA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetSystemTimeAsFileTime
HeapAlloc
InitializeCriticalSection
LocalAlloc
RtlUnwind
SetLastError
UnmapViewOfFile

user32

ShowOwnedPopups
RegisterClassA
OemToCharA
IsCharUpperA
DestroyIcon

advapi32

RegEnumKeyA
RegCloseKey
RegQueryValueA
RegOpenKeyExA

setupapi

SetupGetInfFileListA
SetupFreeSourceListA
SetupFindNextMatchLineA

Exports

Exports

Ekte
Lnklasbiz
Nbi

Sections

.text
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ