3a0bcbc0540f0b409308c8f37fedf395_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3a0bcbc0540f0b409308c8f37fedf395_JaffaCakes118
Size

348KB
MD5

3a0bcbc0540f0b409308c8f37fedf395
SHA1

b4ecfec88395e6aaa3fdf7fce959d3e94b34af8a
SHA256

437a87c564c8a61615aea2606650958db59b2fe43e08d6bcecd1f9ceaad176cc
SHA512

641ca387e7eb5788014e93a5ee1b5c59bac35bb3d1343e0e441d1f35f140f74bee13dd5af92e82a2bb1329ba698614dc1de4750c2c8382558f6d9fbc4b27a83a
SSDEEP

6144:Xu0aa1ofvG1zvYR18VKOD0W/1BmlZVuxDHi:t1ofvG1TyET/1BCs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a0bcbc0540f0b409308c8f37fedf395_JaffaCakes118

Files

3a0bcbc0540f0b409308c8f37fedf395_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8278dbf28f0923210b3e4136918d86a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
FindResourceW
PulseEvent
GetCurrentThreadId
GlobalUnlock
TlsGetValue
GetStdHandle
lstrlenA
GetModuleHandleA
CloseHandle
GetEnvironmentVariableA
CreateFileW
GlobalFree
GetExitCodeProcess
SetLastError
UnmapViewOfFile
lstrcpyA
HeapCreate
LoadLibraryExW
CreateProcessA

user32

DrawEdge
SetFocus
CallWindowProcA
DrawMenuBar
CreateWindowExA
GetDlgItem
GetDC
CheckRadioButton
GetCaretPos
FillRect
CreateIcon
DispatchMessageA
IsWindow

rsaenh

CPDeriveKey
CPGenKey
CPDecrypt
CPHashData
CPSignHash

msasn1

ASN1BERDecEoid

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 271KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ