3c378f8135e43acd1e4fbee6409fd006_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3c378f8135e43acd1e4fbee6409fd006_JaffaCakes118
Size

390KB
MD5

3c378f8135e43acd1e4fbee6409fd006
SHA1

5513fe71d8f9d02c59bd7897be48aa1f50b1ab9a
SHA256

ca50c508aa2a33d930e5d084301c37df7b98418c1244a8a05400b20b4d8215cb
SHA512

3f4aee427ed90f7f887aea3a743915b0f77da512eb0a57b54e4de5b94213b77b27f4c7e3808b4c7949a50467b67e4cd605c00202623484ae264d1ead0747f6c1
SSDEEP

6144:4FD1wG0fljKQIZhzc7HVHtf5vuyh+ajZCsuAMXMzFHCD/yr07oAH4kbiYm:45/ApUvsfRh+ajZCBAMXoUK0VHVm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c378f8135e43acd1e4fbee6409fd006_JaffaCakes118

Files

3c378f8135e43acd1e4fbee6409fd006_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cb6a379c3c89e69f24ac73fd55183496

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

PulseEvent
TlsGetValue
HeapCreate
GetACP
ExitThread
SetLastError
CreateMutexA
FindClose
SetConsoleCursorInfo
GetEnvironmentVariableA
CloseHandle
LoadLibraryExW
CreateFileA
GetModuleHandleA
GlobalFree
GetCurrentProcessId
GlobalUnlock
FindAtomA
ReleaseMutex
FindResourceA

user32

CopyRect
DrawMenuBar
GetDlgItem
IsWindow
FillRect
DefWindowProcW
CheckRadioButton
CallWindowProcA
GetDC
DrawEdge
DispatchMessageA
GetIconInfo
GetFocus

uxtheme

DrawThemeIcon
GetThemeSysInt
DrawThemeText
DrawThemeEdge
GetThemeRect

clbcatq

SetupOpen

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ