3b4ce488f5451261efab655296666cbc_JaffaCakes118 | Triage

Sharing

General

Target

3b4ce488f5451261efab655296666cbc_JaffaCakes118
Size

183KB
MD5

3b4ce488f5451261efab655296666cbc
SHA1

18f000adab313e9e97e8044bd1b09ebb8b4dfca2
SHA256

d5368fa9a3c50dec1e54b097ae847042aa3363d0176c06d3b0f0232bbda9f6af
SHA512

94d3c84fd882c1244e720afe5aaf4d008c9ba06b725bce5898c3092e72d9f2dbbd8ab7a6abf4e34dcf5810030a4b632ebbc6974416b49ffc6393ec8992af9dd9
SSDEEP

3072:TMSn4mc9CXu9yP0KixtsdV8xJ8hXkR1QxCSuvToiGvDD4avfaa93AAZK3LPkd:THDUB9xPqdVk+hXuHoEavfaC3ByLm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b4ce488f5451261efab655296666cbc_JaffaCakes118

Files

3b4ce488f5451261efab655296666cbc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c991f2cd98434a762bbe244e15e011ad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryPerformanceCounter
GetLocaleInfoA
GetCPInfoExW
RaiseException
GetStdHandle
WriteFile
MultiByteToWideChar
GetEnvironmentStrings
DeleteCriticalSection
GetThreadLocale
GetCPInfo
InitializeCriticalSection
LeaveCriticalSection
GetStartupInfoA
EnumResourceTypesA
TlsSetValue
HeapSize
GetEnvironmentStringsW
EnterCriticalSection
SetHandleCount
GetTickCount
FreeEnvironmentStringsW
GetVersionExA
LoadLibraryW
GetACP
WideCharToMultiByte
UnhandledExceptionFilter
lstrlenW
InterlockedExchange
GetLastError
InterlockedIncrement
FreeEnvironmentStringsA
TlsGetValue
GetOEMCP
GetFileType
GetCurrentProcessId

msimg32

AlphaBlend
TransparentBlt

gdi32

GetTextMetricsA
DeleteObject
GetTextExtentPointA
GetDeviceCaps
SelectObject
CreateFontIndirectA

ole32

CoGetMalloc
CoTaskMemFree
CoCreateInstance
StringFromGUID2
CoTaskMemAlloc
CoTaskMemRealloc

Sections

.text
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ