3b996ceb0777a6b0e2abb23b79cec33f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b996ceb0777a6b0e2abb23b79cec33f_JaffaCakes118
Size

414KB
MD5

3b996ceb0777a6b0e2abb23b79cec33f
SHA1

dd3e122f5fa4040f2d44fcb5f27c93db3427af6b
SHA256

93cd965d864108820ba9a5377eb87209ce25fd38d47486e29b8f508416475a70
SHA512

02fefc66dcf4ed8aca24907f12bd512ce3283fe5415c8106729f9aa025cc1350d364e5f9243a31aac7e84998e901b332f5f971b7a1c8d01dde22bbec70abf160
SSDEEP

12288:H6AkNhpW/c6W1f2cRu+MDsy8FXxNfsxbOR/hz:ar/F2au+csvbUxbCh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b996ceb0777a6b0e2abb23b79cec33f_JaffaCakes118

Files

3b996ceb0777a6b0e2abb23b79cec33f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ba04c52a5dfc858721a6fa4d80ed4e42

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

IsBadReadPtr
GetFileType
CreateMailslotW
GetStdHandle
WriteFile
CompareStringW
GetThreadPriority
FlushFileBuffers
RaiseException
SetHandleCount
TerminateProcess
GetEnvironmentStrings
lstrcpyA
SetStdHandle
lstrlenA
GetOEMCP
GetStringTypeW
GetStringTypeA

user32

ShowCursor
GetCaretBlinkTime
UnionRect
CreateDialogParamA
GetMessageTime
EqualRect
SetTimer
SetClipboardData
EmptyClipboard
MessageBeep
GetClassInfoA
GetAsyncKeyState
HiliteMenuItem
GetScrollRange
MessageBoxA
SendMessageA
OffsetRect
SetParent
GetMenuState
PtInRect
GetMessagePos
SetWindowPos
GetScrollPos
GetDesktopWindow
DrawMenuBar
EnableWindow
OpenClipboard
GetClipboardData
IsClipboardFormatAvailable
DialogBoxParamA
WinHelpA
SetScrollPos
SetCursor
EnumWindowStationsA
BringWindowToTop
GetMenuItemID
DeleteMenu
CloseClipboard

shell32

DragAcceptFiles

Sections

.text
Size: 258KB - Virtual size: 257KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrcx
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ