3a7d1ad9008fce993bebfd37ef19cf36_JaffaCakes118 | Triage

Sharing

General

Target

3a7d1ad9008fce993bebfd37ef19cf36_JaffaCakes118
Size

3.7MB
MD5

3a7d1ad9008fce993bebfd37ef19cf36
SHA1

57a8c688f1ef451dbdcd3382ce2a670e5e6a8ffd
SHA256

58bc3786481700c21e3af30e8c997ac6b9698c4a63ecbe2e1b44d0bad80f23d7
SHA512

31ab7b714f112318a33c1ea5c9bea1eb6132bc1d56c584ea12275afd0bb009d79c66b3f26017a7ab7585928bddeca824f9a9416a1d70825d242f134380d7e23e
SSDEEP

98304:3MN00MBQQd+py/01zQXyZuLVC3dr33UovvU9BXzqd7VP0XdfB5:O00WQm/3BLUBkYU9dzqlKr5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a7d1ad9008fce993bebfd37ef19cf36_JaffaCakes118

Files

3a7d1ad9008fce993bebfd37ef19cf36_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8d5d7f9ec575d185aa1a8c9780d3ecda

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFileTimeToFileTime
GetCommConfig
GetFullPathNameA
lstrcatW
SizeofResource
SetConsoleWindowInfo
WriteProcessMemory
SetStdHandle
OutputDebugStringA
RaiseException
GlobalFindAtomA
GetThreadContext
GlobalFlags
FindFirstFileA
DosDateTimeToFileTime
SwitchToFiber
GetVersion
lstrcmpiA
CreateMutexW
LoadLibraryExA
WriteConsoleOutputCharacterA
GlobalDeleteAtom
EnumCalendarInfoA
GetShortPathNameW
LCMapStringA
ExitProcess

user32

RegisterWindowMessageA
IsDlgButtonChecked
GetScrollRange
GetMenuInfo
SetPropA

oleaut32

SafeArrayPutElement
LoadTypeLibEx
SysAllocStringLen

gdi32

Chord
GetTextAlign
PolylineTo
TextOutW

comdlg32

GetFileTitleW
GetSaveFileNameA

msvcrt

_strtime
_wcsnicmp
_errno
_chsize
wcstoul
_wsplitpath
_wspawnv

Sections

.text
Size: 2KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ