3bb91b2e9f37712250cf46b11e7f173a_JaffaCakes118 | Triage

Sharing

General

Target

3bb91b2e9f37712250cf46b11e7f173a_JaffaCakes118
Size

56KB
MD5

3bb91b2e9f37712250cf46b11e7f173a
SHA1

582272c8656a7e48dd54dfba5dd872d71eba66c7
SHA256

508ed21591b86fc6e0f77056114842a289eac116909708c499b4d0105d8fea18
SHA512

c24dd0c8e4799192a9a5114e58e7713b243d2570367bb020159be6e19ab4e354db0cdc90087bc5a17629d1e6f185eabc270b1b49f134ca66e648faa886697869
SSDEEP

1536:ttCMNdpBy30Zefc/tFCe3TN35nZF/DSoGWh3MRA1FrGuPJHj:ttJNdvpZ//tV3TN3R7MRA1PhH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bb91b2e9f37712250cf46b11e7f173a_JaffaCakes118

Files

3bb91b2e9f37712250cf46b11e7f173a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e64573a7d21ff3518f9d386014630261

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ClearCommError
CopyFileExW
ExitProcess
GetCurrencyFormatA
GetCurrentThreadId
GetExitCodeProcess
GetPrivateProfileSectionA
IsValidLocale
SetHandleInformation
TransmitCommChar

advapi32

AdjustTokenPrivileges
BuildImpersonateExplicitAccessWithNameA
EqualPrefixSid
FindFirstFreeAce
GetAclInformation
GetServiceKeyNameW
GetTrusteeTypeW
ObjectCloseAuditAlarmA
RegOpenKeyExA

user32

CallMsgFilter
CharToOemW
CreateDialogParamA
CreateWindowExA
DialogBoxParamW
GetKeyboardLayoutNameA
GetTabbedTextExtentA
InsertMenuA
SetWindowTextW
keybd_event

shell32

CheckEscapesA
DoEnvironmentSubstW
RealShellExecuteExW
SHChangeNotify
SHGetPathFromIDListW
SHHelpShortcuts_RunDLLA
SheGetCurDrive
SheShortenPathA
ShellExecuteExA
ShellHookProc
Shell_NotifyIconA

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 53KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE