3c3b6f466b48fb2c004a407c8ed3ab2a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3c3b6f466b48fb2c004a407c8ed3ab2a_JaffaCakes118
Size

275KB
MD5

3c3b6f466b48fb2c004a407c8ed3ab2a
SHA1

d8b615715460cc95a1cb1ca01fa0d24201983114
SHA256

17ee784ffe297f8528da24e38f1a29b972db1b1e41689dea96f9b7aaac2ee012
SHA512

64e1a020a4febdff20a1952b483f94dd3f21a6f9634c41280817109d4b31bd4325af82c44c7c03ecc41f9291a497d8a5f893cd42478f99fc9e25c1d07443e7e3
SSDEEP

6144:+AZLE8mkK5yugu5eBa/Jc7fp4YomOR7QTq4pB28IsVyrIhpPVo:ZLmk6HegBc7OfHR7QOk2FsV5PW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c3b6f466b48fb2c004a407c8ed3ab2a_JaffaCakes118

Files

3c3b6f466b48fb2c004a407c8ed3ab2a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

65f7dd094a0c0cef37abc8eb6f3476ef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
LoadResource
LockResource
GlobalAddAtomW
SizeofResource
FindFirstFileA
GlobalFree
EnumResourceLanguagesW
GetProcAddress
HeapAlloc
GetCommandLineW
FindFirstFileW
MultiByteToWideChar
RaiseException
EnumResourceNamesA
CloseHandle
FindNextFileA
EnumResourceTypesW
HeapFree
GetProcessHeap
GetModuleHandleW
GetLastError
GetCurrentDirectoryW
SetLastError
LoadLibraryA
GetDateFormatA
FormatMessageW
EnumResourceNamesW
InterlockedExchange
FindResourceExW
Sleep

setupapi

CM_Get_Depth
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

user32

PeekMessageA
CharUpperA
PostThreadMessageA
KillTimer
GetMessageA
IsWindowVisible
wsprintfW
SetTimer
EnumWindows
LoadStringA
GetWindowTextA
CharNextA
MessageBoxA
DispatchMessageA
GetWindowThreadProcessId
wsprintfA

Sections

.text
Size: 142KB - Virtual size: 274KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ