3bc08825aecc8c869df2522b62c122ab_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3bc08825aecc8c869df2522b62c122ab_JaffaCakes118
Size

338KB
MD5

3bc08825aecc8c869df2522b62c122ab
SHA1

e1d42065747384ffc636cdaababe6d8db0abcd65
SHA256

fdf6ad5892e594c6aad63f320079deb6c491d3197e2e92d7196c0934d09c477c
SHA512

b6d0e133f43b27e876a9a7cc88a063c4b0cb0c4209e36ed0eaff95579a72f210e3309f8c6f6bd7f71ca20307cb6d39528f5cc35b17e4ab36f0b2eed3b4ba7bd5
SSDEEP

6144:C9C1a8afokGBUTehGIfJL0i/fZFUGF8XRZvpe0bLcyF:0C1a87NBUTQGIt0iDFgLpFbJF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bc08825aecc8c869df2522b62c122ab_JaffaCakes118

Files

3bc08825aecc8c869df2522b62c122ab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

19e02d9eae1888243eb028ea831896bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetModuleHandleA
LocalFree
GlobalLock
CloseHandle
LoadLibraryExA
ResumeThread
FindClose
GetSystemTime
OpenSemaphoreA
GetLastError
FreeConsole
CreateEventA
FreeEnvironmentStringsA
OpenMutexA
IsBadReadPtr
GlobalUnlock
GetACP
VirtualProtectEx
GetStdHandle

user32

IsIconic
GetDlgItemTextA
GetComboBoxInfo
IsMenu
GetSubMenu
GetMessageA
EndDialog
GetMessageA
CreateWindowExA
LoadCursorA
ClipCursor
SetFocus
DialogBoxParamA
MessageBoxA

msasn1

ASN1BERDecBool
ASN1BEREncOpenType
ASN1BEREncNull
ASN1BERDecCheck
ASN1DecAlloc

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ