3a2e131265058912672fe3349bd52ae5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3a2e131265058912672fe3349bd52ae5_JaffaCakes118
Size

162KB
MD5

3a2e131265058912672fe3349bd52ae5
SHA1

fb39bca0fba1782876b1d2fb2a4c38c71e9bec0a
SHA256

6baf0c8fc7b06857039faad854586b5f13c3ab9ba963ece9fda109ca1a6a1d72
SHA512

015c64222c9e20f2221a54a04ba69551b1e60dbad90e77aa66cbce341353bc15e342039139959da2d0230e4e9fe4570ace314691833da9c228b8e8dee01ff49f
SSDEEP

3072:BMVR+U+VQSyzC6za0CYU1OvV3JdbzMAZH:6R+U+VRfWeYcOvV5ZJZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a2e131265058912672fe3349bd52ae5_JaffaCakes118

Files

3a2e131265058912672fe3349bd52ae5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f317c0101648040b102b8300c8b371c7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleacc

LresultFromObject

user32

LoadCursorW
GetWindowInfo
MessageBoxW
CreateWindowExW
GetUpdateRgn
RegisterClassExW
GetDC
EndDialog

kernel32

DuplicateHandle
VirtualFree
PrivMoveFileIdentityW
ProcessIdToSessionId
GetModuleFileNameW
WriteFile
LoadLibraryW
OutputDebugStringW
GetFileAttributesA
WaitForSingleObject
ReleaseMutex
LoadLibraryA
GetProcessId
DeleteAtom
CreateFileMappingA
MoveFileW
GetStdHandle
SetEvent
CloseHandle
VirtualAlloc
lstrcpynW
EnumResourceTypesA
MapViewOfFile
CreateDirectoryW
ExitProcess
GetFileAttributesW
AddAtomW
SystemTimeToFileTime
CreateMutexA
LoadLibraryExW
CreateFileW
OpenProcess
UnmapViewOfFile
GetUserDefaultUILanguage
GetSystemTime
GetProcAddress
CreateEventA
FindAtomW

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.apexi
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ