3c4b24644563b2989dfa3d35e9baeb00_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3c4b24644563b2989dfa3d35e9baeb00_JaffaCakes118
Size

50KB
MD5

3c4b24644563b2989dfa3d35e9baeb00
SHA1

3b3772cdaacdfbe2ba6a0cd5f7c66eb1ee2a11b5
SHA256

9754b7cb4426f3b54fee5b0b00351f16d7aeccbf9e65f7c714ccf3082b52f473
SHA512

6deccc7e833e3b49548bc7b942fea56e8d0893f0921cd9401dca32334aa0a07cc9cc2f9a48e3c3c9a60f41f5090eea5a7bc8cb5e7cf88b8ce956e69d3b4d4828
SSDEEP

768:BUaZh+nbV1MGhKu5Qz8Z5MRYUPbTZFdeaj2TosvZrtpV/K6NzZJ2u2Cn:B5/+nbMGhKuV/01PJFdTiFRTQ6NXr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c4b24644563b2989dfa3d35e9baeb00_JaffaCakes118

Files

3c4b24644563b2989dfa3d35e9baeb00_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8fe54ac182a97f80eee68d750c295250

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime

shlwapi

PathFileExistsW
PathFindFileNameW
PathMatchSpecW
PathRemoveFileSpecW
SHDeleteKeyA
StrCmpNIW
wnsprintfW
wvnsprintfW

user32

CloseDesktop
DrawIcon
EndDialog
FindWindowExA
GetCursorPos
GetForegroundWindow
GetWindowLongA
GetWindowTextA
OpenDesktopA
SetProcessWindowStation
ToUnicode

Sections

.ledgp
Size: 40KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pyv
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hmlkn
Size: 5KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ