3f2d094dc0eb6cc6328f2c2dabe58a0c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3f2d094dc0eb6cc6328f2c2dabe58a0c_JaffaCakes118
Size

299KB
MD5

3f2d094dc0eb6cc6328f2c2dabe58a0c
SHA1

ce1de345f4d6747e26d9ee4ef4499f820f9653bd
SHA256

490b7b2403d28a189520e25c34a61aebd1d6bf1e79c46dcdfbbf36bb1ac7355b
SHA512

3996f5c02dc53c5ed6839e83d9c4480aa27bafd0659bb95a5ca8d81e7408dd45a968ded8a693661a057c3363edce3488762563061514d5029f17225793c865b9
SSDEEP

6144:5MZ38g7YD6nYvZ1rB5YRkIQU2nebLenk7k3xoxVfOLA25vHBg76giM36j:OZ6h1rB5YeId2nyJOxUwL7Dh5MC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f2d094dc0eb6cc6328f2c2dabe58a0c_JaffaCakes118

Files

3f2d094dc0eb6cc6328f2c2dabe58a0c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

efbca26d0e61777949351e57addf7085

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalUnlock
GetCurrentDirectoryA
CreateThread
GetSystemTime
GetTickCount
SetLastError
GetCommandLineW
lstrlenA
PulseEvent
CloseHandle
GetModuleHandleA
LocalFree
Sleep
LoadLibraryA
CreateFileA
GetComputerNameA
SetEvent
UnmapViewOfFile
CreateThread
HeapCreate

user32

CheckRadioButton
GetDC
GetScrollBarInfo
FillRect
GetDlgItem
GetKeyState
CreateWindowExA
SetFocus
IsWindow
DispatchMessageA
DrawMenuBar
DrawEdge
CallWindowProcA

clbcatq

SetupOpen
SetSetupSave
UpdateFromAppChange
CheckMemoryGates
DowngradeAPL

desk.cpl

InstallScreenSaver

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 628KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ