3927b05316f6ec83a04540ee874cc7e7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3927b05316f6ec83a04540ee874cc7e7_JaffaCakes118
Size

787KB
MD5

3927b05316f6ec83a04540ee874cc7e7
SHA1

c80ac4bbefa50b2431e8a432a4e768e8c5df5569
SHA256

f62f0e65595c6cd65467b5af8c8b4c60b10626b6ddf8d9f49c4aa7cfa3a1bb1c
SHA512

099d6e09824dfc26df7da2d651f3c70a1fd3810ed1b414e21d5e7f4db1ccfa2fc4181707059b0390cd10b19bbdf8cfeb64abc4c32f8b455c2856a7583478b8f3
SSDEEP

12288:0qPDss0/JxqgNnyhLzlmksKVpRGywShR30ImZo2pxbQfLHH+58X+wI:Jk+WMLcdKKURkImZ5nbaH3+wI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3927b05316f6ec83a04540ee874cc7e7_JaffaCakes118

Files

3927b05316f6ec83a04540ee874cc7e7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6815852f1117d0f9616ec899d667edf6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
LocalFree
TlsGetValue
SetEnvironmentVariableA
CreateMutexA
FindResourceA
TerminateThread
PulseEvent
GetCurrentThreadId
LoadLibraryExW
SetLastError
GetModuleHandleA
ReleaseMutex
GetStdHandle
CreateFileA
GetConsoleMode
HeapCreate
CloseHandle
lstrlenW
Sleep

user32

GetIconInfo
DispatchMessageA
GetDC
SetFocus
FillRect
CheckRadioButton
GetClipCursor
CopyRect
IsWindow
GetDlgItem
DrawEdge
DrawMenuBar
CallWindowProcA

apphelp

SdbCloseDatabase
SdbGetDatabaseID
SdbFindNextTag
SdbFindFirstTag
ApphelpCheckIME

clbcatq

ComPlusMigrate

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 778KB - Virtual size: 778KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ