3b9a3478c567f6851c3216d782fdabba_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b9a3478c567f6851c3216d782fdabba_JaffaCakes118
Size

232KB
MD5

3b9a3478c567f6851c3216d782fdabba
SHA1

d59e8c6f27548f4c4447205d03d8a4ae996382d0
SHA256

a6c2dc0335eb329f01f2f69e7e9f4a99184508d568a753477eff9835de90efba
SHA512

f9c2f0efd70cc7eee0c41815f15dbee9052d34d7ceb6f155f9a4a194fc9b4febc038313d684070ed38b3397c02371d912457fe287ed328cea27ba416a8d15052
SSDEEP

3072:Zx0i3KqQV8ICz3RpnFg/il0pXM/kFzc9wyCZkHILY4NKQvrra7sVFs8gK2/tE5dw:HjKqAbCz3R1F2WEXMCZ5NXr588gE55

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b9a3478c567f6851c3216d782fdabba_JaffaCakes118

Files

3b9a3478c567f6851c3216d782fdabba_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6b1c4b9d88316aee984616d2a775c311

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
CreateEventA
CompareFileTime
GetTickCount
GetStartupInfoW
GetCommandLineA
GetStartupInfoA
GetSystemTime
TlsAlloc
IsValidCodePage
GetModuleHandleA
GetCurrentDirectoryA
GetModuleFileNameA
InterlockedDecrement
GetLocalTime
CreateMutexA
GetCurrentProcessId
GetModuleFileNameW
QueryPerformanceCounter
GetCurrentThreadId

gdi32

ChoosePixelFormat
SetPixelFormat

opengl32

glVertex2f

shell32

SHSetLocalizedName

msvcrt

_initterm
__dllonexit
_controlfp
memcpy
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_onexit
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3

Sections

.text
Size: 226KB - Virtual size: 226KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ