3f02c341b33c8d852b9c63e8216f019f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3f02c341b33c8d852b9c63e8216f019f_JaffaCakes118
Size

39KB
MD5

3f02c341b33c8d852b9c63e8216f019f
SHA1

5b2bd017318a8e53908384975a86b93ffacd5f18
SHA256

df46aa873a41fa39b6561428ac952d263e9c0adf76a64fe5f1a5d297d79927f0
SHA512

06d05fe9ea80bb1e382ee51de3447a3939cf5a21b1aaafc1add358d26be201078f1fc8d0ee55445c0137103a36765cb3bbab8b1555a2fb09d212595f54eb5ad6
SSDEEP

768:3D9qF2QZX8DFJ35Yd5K43+LRHJxL5vlPFQxNAnQg+wxrp1TZpk:zgURB5BJHlPWxjgrrrZpk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f02c341b33c8d852b9c63e8216f019f_JaffaCakes118

Files

3f02c341b33c8d852b9c63e8216f019f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1161f2887a756ffdaf5474b78d797a5d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
GetKeyboardType
CreateWindowExA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
GetACP
TlsSetValue
lstrcpyA
Sleep

oleaut32

SysFreeString
SafeArrayPtrOfIndex

advapi32

RegQueryValueExA
RegQueryValueExA

gdi32

UnrealizeObject

version

VerQueryValueA

comctl32

_TrackMouseEvent

Sections

.text
Size: 24KB - Virtual size: 704KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE