Static task
static1
Behavioral task
behavioral1
Sample
3c8ad0b852d86c7571de18ae25ab2282_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
3c8ad0b852d86c7571de18ae25ab2282_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
3c8ad0b852d86c7571de18ae25ab2282_JaffaCakes118
Size
158KB
MD5
3c8ad0b852d86c7571de18ae25ab2282
SHA1
ff95726cce7f443d606aa8342e1fb044de58790d
SHA256
06b3d2d18191fe345e6e982d15a2d87b7e312a4017c461a10e9e4603550fd670
SHA512
50b3666e6762139688a4df0fa1be3f8f7f41eb7fe6103e238da930c6049a943e274df0d2bc4dc9e1fcf9be33d09aa8ae69dcca551d9a274d0a43a058a55ad8c0
SSDEEP
3072:DLpg9vayXv9HS4XdA6s1lgvl9USF0DRzTOWB9bjUTKOrzXc0KkE:fpvyXv9HSw26s1lgzE9bATLjTKH
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3c8ad0b852d86c7571de18ae25ab2282_JaffaCakes118
Files
3c8ad0b852d86c7571de18ae25ab2282_JaffaCakes118.exe windows:4 windows x86 arch:x86
8da450ede6699196e8f46d55884dcc11
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED
Imports
winspool.drv
DocumentPropertiesW
kernel32
MultiByteToWideChar
lstrcpynW
GetLastError
GetCPInfo
FindClose
CheckRemoteDebuggerPresent
OutputDebugStringW
WideCharToMultiByte
lstrcpyA
lstrcpyW
EnumResourceTypesW
GlobalAlloc
DeleteCriticalSection
GlobalFree
GetTickCount
GetACP
InitializeCriticalSection
lstrlenW
lstrcmpiW
LockResource
GetModuleHandleW
user32
CharNextW
CharUpperW
KillTimer
GetAncestor
TranslateMessage
DispatchMessageW
wsprintfW
PostThreadMessageW
SetTimer
GetMessageW
GetDC
UnregisterClassA
Sections
.text Size: 104KB - Virtual size: 103KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 980B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 51KB - Virtual size: 50KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.isete Size: 1024B - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ