3c3c0a29923ee617ed7cfe83ae97e770_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3c3c0a29923ee617ed7cfe83ae97e770_JaffaCakes118
Size

56KB
MD5

3c3c0a29923ee617ed7cfe83ae97e770
SHA1

dffe4a9925823e36f7b84aa5be7ba2cf3b2151e1
SHA256

ee61c14d6293beb53819433d6ea5b6150066cadac62af44842eb5ca86a7d6201
SHA512

b4c86c6c2564ac06d42a5d76f91ec02cec761a72d10dca54210602308ee763c554493b399ffab1edb4f955377b403dcb4ea347f1d8c79953b9b779ad5ca2fef8
SSDEEP

768:KUFQcFAXT6GILajF5Vo3OKwKvVWu7ahhwJel94K6PaU2oZxZu2lyH9iJiIleXyX:xQOARILEe1ahhJiiUbNs9ciyX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c3c0a29923ee617ed7cfe83ae97e770_JaffaCakes118

Files

3c3c0a29923ee617ed7cfe83ae97e770_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1eddac9f3982a3055ecf536e38f3bb4c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

H:\bzhlprFdmufjnv\zodewzCXnfew\UNxbfstIehqf\soBTcrubgF\fyyNYlkojvmn.pdb

Imports

gdi32

GetCharWidth32W
WidenPath
CreateCompatibleDC
CreateEllipticRgnIndirect
GetDeviceCaps
SetRectRgn

kernel32

TerminateThread
CreateSemaphoreW
lstrlenA
CreateDirectoryW
GetSystemWindowsDirectoryW
LoadLibraryA
GetModuleFileNameA

shlwapi

UrlGetLocationW
ChrCmpIW
StrCmpIW

user32

FindWindowA
DestroyIcon
MapVirtualKeyA
GetClientRect
GetWindowDC
WindowFromPoint
wsprintfW
SetClassLongW
IsCharUpperW

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
memset
_amsg_exit
_initterm
puts
_ismbblead
_XcptFilter
_exit
_cexit
__setusermatherr
_wtoi
__getmainargs

Exports

Exports

?CreateDlgMessage@@YGHPAXPADK|U

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ort
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 26KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE