3f24626746c330a28d2eb90336f00cb4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3f24626746c330a28d2eb90336f00cb4_JaffaCakes118
Size

278KB
MD5

3f24626746c330a28d2eb90336f00cb4
SHA1

0541cc23343933f4af56633dcb55aff36d403b2c
SHA256

c17c935c5b3ff9bf1938ab84d6091b0ac6cbb0ad798de6d6fc0aeddf858188f2
SHA512

7484e70e69dc4ea477453997882b3d9c13436502c919d79d525a9bf254be6f94f0b4cd9f0c73ae82e6b932bee4d0e8b4f80c1903b134e22010d9505bc344b793
SSDEEP

6144:/zm23kEjnz4acE+9lfWoYMN52q02bCo6LR41q+UO:/9PdcF95bYMN3bCq4E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f24626746c330a28d2eb90336f00cb4_JaffaCakes118

Files

3f24626746c330a28d2eb90336f00cb4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

34cbf2b4b4bb79fca0ac3c86efb7ad8f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateEventA
CreateThread
EnterCriticalSection
ExitThread
FormatMessageA
GetCurrentProcess
GetDateFormatA
GetModuleFileNameA
GetStartupInfoA
GetTickCount
GlobalAlloc
InitializeCriticalSection
InterlockedExchange
LeaveCriticalSection
LoadLibraryA
MapViewOfFile
MoveFileW
MulDiv
ReadFile
SetCurrentDirectoryA
SetEvent
Sleep
WaitForSingleObject
WriteConsoleA
lstrcmpiA
lstrcpyA
lstrlenA

user32

DestroyWindow
GetActiveWindow
GetClassInfoExW
GetForegroundWindow
PaintDesktop
RemovePropW
SetMenuDefaultItem
SetWindowPos
WindowFromPoint

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 263KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ