3c2f75b684d360dccb1ad16b0a58c477_JaffaCakes118 | Triage

Sharing

General

Target

3c2f75b684d360dccb1ad16b0a58c477_JaffaCakes118
Size

169KB
MD5

3c2f75b684d360dccb1ad16b0a58c477
SHA1

f362ea8bd5725eea96014c2403d33b2a3cb00510
SHA256

f67a60c5e439e1b0d73e58f87805c329c2b05cc0f7d8fc86cd97c0f4de43994b
SHA512

4cb43a4aa1380225d2897a8e9a48a655022f4dbc573717a18611e3a57029bd418c77372af9ddf733185d725840af9c56325b88ea67758befd76469aebe9049de
SSDEEP

3072:w7PT0AYBJ5GwuOsZAP1GoTHIXyFqD7GYafqRaIRhgdwE1RsOMgb/DE:QP+pGwuOgA4Q5+/afeyv1G6bI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c2f75b684d360dccb1ad16b0a58c477_JaffaCakes118

Files

3c2f75b684d360dccb1ad16b0a58c477_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2e3ff6ade123d3ba492cf3c05263da1c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
WinExec
DeleteFileW
GetFileAttributesW
SetFileAttributesW
AddAtomA
IsDBCSLeadByteEx
LoadLibraryW
GetModuleHandleW
lstrlenW
WriteFile
GetVersion
FindClose
FindNextFileW
MoveFileW
SetFilePointer
SetLastError
SetFileTime
GlobalFree
GlobalAlloc
UnlockFile
CloseHandle
EnumResourceNamesW
GetModuleHandleA
OutputDebugStringA
GetVersionExW
GetVolumeInformationW
GetCurrentDirectoryW
ReadFile
LockFile
GlobalReAlloc
GetSystemDefaultLCID
CheckNameLegalDOS8Dot3W
GetFileTime
GetACP
FindFirstFileW
GetDriveTypeW
GlobalSize
SearchPathW
IsDBCSLeadByte
GetModuleFileNameW
GlobalUnlock
GetProcAddress
GetLastError

setupapi

CM_Get_Child
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 88KB - Virtual size: 484KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ