3895f52aa26cfa18744fcc92a3ff5fc9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3895f52aa26cfa18744fcc92a3ff5fc9_JaffaCakes118
Size

189KB
MD5

3895f52aa26cfa18744fcc92a3ff5fc9
SHA1

cb72e1af2960cee95ddf6392c5e1320ee2a1b97f
SHA256

069ea32aedfc2673908f300fdd658e456f9b23322a9bc45b36904d4a1e6b1217
SHA512

b97aaef70f9b6dab077797a91851d75d93f3c4b259dfae64339acc3c18386ee0036534c4a26bf669dc7296b4528ca95f42ecaf1b2996a09dc2dc5573da595eb7
SSDEEP

3072:Q+81l0kY7REJCtOKIFpG/lYBrK9ORxYssCxxpaUuvGg0uPy4HI1uUCuaO6:QfPYstFBxasv9u+g0u81uUCG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3895f52aa26cfa18744fcc92a3ff5fc9_JaffaCakes118

Files

3895f52aa26cfa18744fcc92a3ff5fc9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

82bf955916f1debca51ebcf570541645

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyA
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

user32

wsprintfW
LoadStringA
IsWindowVisible
GetWindowTextA
PeekMessageW
PostThreadMessageW
GetWindowThreadProcessId
CharUpperW
SetTimer
MessageBoxA
DispatchMessageA
CharNextA
GetMessageW
KillTimer
EnumWindows
wsprintfA

kernel32

SetLastError
HeapFree
GlobalAddAtomW
SizeofResource
GetModuleHandleA
GetProcessHeap
EnumResourceTypesA
LockResource
EnumResourceNamesA
FindFirstFileA
LoadLibraryW
RaiseException
EnumResourceNamesA
GetProcAddress
FormatMessageA
GetLastError
HeapAlloc
EnumResourceLanguagesA
GetCommandLineA
MultiByteToWideChar
GlobalFree
GetCurrentDirectoryA
FindNextFileW
CloseHandle
GetCurrencyFormatA
LocalFree
FindFirstFileW
FindResourceExA
LoadResource
InterlockedExchange
Sleep

Sections

.text
Size: 99KB - Virtual size: 238KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ