3bb11abc422e306fcd0bc1bdd2b5e5ce_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3bb11abc422e306fcd0bc1bdd2b5e5ce_JaffaCakes118
Size

316KB
MD5

3bb11abc422e306fcd0bc1bdd2b5e5ce
SHA1

89fd6032b0e341599eb6428a8048191d7b89d99a
SHA256

7311031022a95e61b1e124d45c36f459433dc5a62b9c6a5f5e2b2fe5e5504489
SHA512

20bbbc16b112ef321df0bbc53930be67221428e450ad211a60e9786b6a441c6aea6280c415b9633a8986fe273b538e21f55f6962760cf858ba6ba375f17ead5a
SSDEEP

6144:5aF4z+Jq3Ntu+FWkFip1HaTTirGWpC5mO8ij3KIz:S4z19dfFib6Ti5o7KIz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bb11abc422e306fcd0bc1bdd2b5e5ce_JaffaCakes118

Files

3bb11abc422e306fcd0bc1bdd2b5e5ce_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5e3c88440859a0db820c31aae2ab19a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
GetCurrentProcessId
IsDebuggerPresent
GetACP
GetCurrentThread
CreateFileMappingA
GetTimeFormatA
GetLogicalDrives
GetCommConfig
GetStdHandle
CreateHardLinkA
HeapDestroy
HeapCreate
VirtualProtect
InterlockedExchange
DeleteAtom
GetModuleHandleA
GetTapeStatus
GetProcessVersion
WaitForSingleObject
GetEnvironmentStringsA

user32

GetWindowTextLengthA
GetTitleBarInfo
EndPaint
GetFocus
SetActiveWindow
FillRect
GetDlgItem
GetClassNameA
GetWindow
GetParent
BeginPaint
GetCursorPos
ShowWindow
wsprintfA
DrawTextA
DragDetect
ReleaseDC
FrameRect
SetForegroundWindow

advapi32

RegSetValueExA
RegCreateKeyA
RegFlushKey
RegCloseKey
RegEnumKeyA

setupapi

SetupCloseLog

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 708KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ