39963fa56c7a189de10cdc47953c62c5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

39963fa56c7a189de10cdc47953c62c5_JaffaCakes118
Size

395KB
MD5

39963fa56c7a189de10cdc47953c62c5
SHA1

639a708ad189e3344b92ad11f7290a49953c61cc
SHA256

3eb8a33fc796559c7ad63c1a2ed4b7d7d986efb02b95214cebb5565c2f3840d3
SHA512

1292e5c8a9694ff44aadf876f97fea6b9f2fec30360ce3bd1814028a426b2a2abb15726188e0f4e3530c1737483a04e35c98258b4707454c64d22ed08d2de743
SSDEEP

6144:/6RJG8KMBU+xo2e+5bYwCOMeruVipEMS1BWKak/wGY4mswgIxhX8784glfg:/YU+xa8bAe6V1RUKakIGEz8Tsf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39963fa56c7a189de10cdc47953c62c5_JaffaCakes118

Files

39963fa56c7a189de10cdc47953c62c5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

45e773bd80f10217358da240f7c4851f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
GetSystemTime
PulseEvent
Sleep
ResetEvent
CreateFileW
GetCommandLineW
GetCurrentDirectoryA
HeapCreate
lstrcpyA
GetCurrentThreadId
GetModuleHandleA
GetComputerNameA
lstrlenA
LocalFree
LoadLibraryW
UnmapViewOfFile
GlobalUnlock
CreateThread
CloseHandle

user32

DrawMenuBar
DispatchMessageA
SetFocus
CreateWindowExA
GetDC
CheckRadioButton
FillRect
IsWindow
DrawEdge
GetDlgItem
GetCaretPos
CreateIcon
CallWindowProcA

cryptui

CryptUIDlgSelectStoreA
CryptUIDlgCertMgr
LocalEnroll
WizardFree
CryptUIDlgSelectCA

appwiz.cpl

ConfigStartMenu

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 396KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 371KB - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ