3a4d09799ad1306d493fdf37c24d1997_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3a4d09799ad1306d493fdf37c24d1997_JaffaCakes118
Size

636KB
MD5

3a4d09799ad1306d493fdf37c24d1997
SHA1

a263384f684a62a0729b77bf4cc2f8ac074d4db4
SHA256

40bbf602a5ab8ebb0369f7ee9ceddc72df3e7628af7ebcc5c8434524fe27fd7a
SHA512

931e183251bd0bb063f6e99b1e1b125c793a16f17d36abca2600a2d38f6c18832d1838322a12fcd785dd997504da0ac487f5271aa604f47a79858aaecaf5a01a
SSDEEP

12288:YmFhr395JN/RHya7lDSyQIOBA5AmyG3sOOmUzCoS1vsIfjm:YIhfb/RSaxD5/OBA5AmyQsOtUmHlfj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a4d09799ad1306d493fdf37c24d1997_JaffaCakes118

Files

3a4d09799ad1306d493fdf37c24d1997_JaffaCakes118
.exe windows:4 windows x86 arch:x86

421ca1a593fe736daa40e3229c4e2d44

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
LocalLock
GetConsoleDisplayMode
GetACP
GetAtomNameA
SetLastError
GetModuleHandleA
GetSystemTime
lstrlenA
LoadLibraryExA
WaitForSingleObject
GetConsoleCP
GetUserDefaultLangID
VirtualProtect
GlobalSize
GetCommandLineA
InterlockedExchange
ResumeThread
GetVersion
HeapCreate
WaitForSingleObject

user32

DragDetect
DrawTextA
ReleaseDC
CreateIcon
FillRect
GetFocus
AnyPopup
GetClassNameA
FrameRect
GetParent
wsprintfA
GetWindow
BeginPaint
GetTitleBarInfo
SetForegroundWindow
EndPaint
GetCursorPos
GetDC
ShowWindow

ntshrui

DllCanUnloadNow
GetLocalPathFromNetResourceA
GetNetResourceFromLocalPathA
SetFolderPermissionsForSharing
DllGetClassObject

msacm32

acmFilterEnumA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ