3b46726be8d5751a637451cd57dfdec0_JaffaCakes118 | Triage

Sharing

General

Target

3b46726be8d5751a637451cd57dfdec0_JaffaCakes118
Size

137KB
MD5

3b46726be8d5751a637451cd57dfdec0
SHA1

e3d1bc26da5f2bfac17ea4b3c9d51debc8475b6b
SHA256

966fcbbb9e6765f6d19fbc193cf298b58ac1e43cd2b499380ab5f2ebe8b181d2
SHA512

a1fa503339239a0a75de50885a8c9fd7e497a0f56df0df69f6e32133c8a573ed033b4459500163234fb9ca42203f5a7e9aaa28bcc7a27fc6f8f651311660f37d
SSDEEP

3072:nOlryEcZf84xrPola6C/Juk/xlQ+5Su/8eCeIg53cTr3:VEcF84xv6CJJeuEe3c/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b46726be8d5751a637451cd57dfdec0_JaffaCakes118

Files

3b46726be8d5751a637451cd57dfdec0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7a1403e2787427eeefb1225f60c659d5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

L:\rmNSMzxkDy\hUHlPieqZ\sxojxoIgk\GGHecwbSFYoGQe\fIeJGsgHNtJ.pdb

Imports

msvcrt

_controlfp
atoi
__set_app_type
_wtoi
strspn
__p__fmode
__p__commode
_amsg_exit
_initterm
_ismbblead
_XcptFilter
_exit
_cexit
memset
__setusermatherr
__getmainargs

kernel32

GetModuleFileNameA
GetCurrentDirectoryW
SetupComm
LocalReAlloc
FindResourceA
lstrlenA
GetModuleHandleA
LoadLibraryA
SetTimerQueueTimer
lstrcpyA
WaitForMultipleObjectsEx

shlwapi

UrlEscapeA
ChrCmpIW

gdi32

PtInRegion
SetLayout
CreateRectRgn
LPtoDP
SetDIBits
GetClipBox

user32

SetUserObjectInformationW
IsCharUpperW
GetClientRect
DispatchMessageA
GetMessageExtraInfo
MessageBoxW
CreatePopupMenu
SetWindowPos
GetClassNameW
LoadImageW
InvertRect
DestroyAcceleratorTable
GetWindowDC
CopyRect
CreateWindowExW
LockWindowUpdate
wsprintfW

Exports

Exports

?CreateDlgMessage@@YGHPAXPADK|U

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.list
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 107KB - Virtual size: 231KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE