3b649e28ac5b9127a73a4d9420875ae5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b649e28ac5b9127a73a4d9420875ae5_JaffaCakes118
Size

338KB
MD5

3b649e28ac5b9127a73a4d9420875ae5
SHA1

36a9bf37e717f3396675582de30c509ad18f6e9a
SHA256

b42bb41fafa437b806831f05ef06d923590b5d598be6fdde4aa3d2c45a2c0909
SHA512

cf41bfad9aaceb8271089e96fd2de98cd65cff1d3e6c8e3d429a25f3670a19a6fa39def1a3dbb8315a37383f19d799f04e8a8d6ad1ce8242378af378a4312d41
SSDEEP

6144:2trh2F5PlPi2R7YjxgB5YvPM2TcNbS0P1D8umNOws+77AwRm+4KSjz9cIvGQc1u:MhwP1R7q9oNblP1D8r8ws+754b9RcU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b649e28ac5b9127a73a4d9420875ae5_JaffaCakes118

Files

3b649e28ac5b9127a73a4d9420875ae5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f78e18a93099fe64826c56d5f5e9ac36

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
ExitProcess
ExitThread
GetCommandLineA
GetCurrentProcessId
GetCurrentThreadId
GetLocaleInfoA
GetLocaleInfoW
GetModuleHandleA
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
GlobalAddAtomA
LoadLibraryA
OpenEventA
QueryPerformanceCounter
SetEnvironmentVariableA
SetUnhandledExceptionFilter
VirtualAlloc
VirtualProtect
WriteFile
lstrcmpiA

msvcrt

wcscmp
strstr

user32

FindWindowExA
EndDeferWindowPos
IntersectRect
LoadCursorA
SetWindowTextA
EnableWindow
DrawMenuBar
DestroyIcon
CreateMenu
GetDesktopWindow

comctl32

CreateStatusWindowA
GetEffectiveClientRect
ShowHideMenuCtl
InitCommonControls

Sections

.text
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 116KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 76KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE