3cccd17cf1948b29d90063cf929d9c2c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3cccd17cf1948b29d90063cf929d9c2c_JaffaCakes118
Size

48KB
MD5

3cccd17cf1948b29d90063cf929d9c2c
SHA1

c37d6f1f713b67913e4c71a27052d006103f14d3
SHA256

8bdce58b0ded6b23366062c13e92e15fe0f4a0111173fdaa9505682e6024405c
SHA512

88a369114c2b9d8d5d956ded372beecf8ba352f2a8627c25afb6dddad9c34201b4363edf106926917a87c36c6c7ac7ca048dd9af2c3749364af9b1701b893ab5
SSDEEP

768:Op2XRzRNYdfOfHDi+1emFeQp+H/1hVi8q6ot/hEs9G3hA8adG/aJaUL0BI5w:Op41RNYd8n5oNhVi86z03DWG/aJaw0B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cccd17cf1948b29d90063cf929d9c2c_JaffaCakes118

Files

3cccd17cf1948b29d90063cf929d9c2c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e79c54b433f6bbb809dda066bcfc32d1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CancelWaitableTimer
CopyFileW
EndUpdateResourceA
ExitProcess
GetShortPathNameW
HeapCreate
IsDebuggerPresent
OpenEventW
ReadConsoleOutputCharacterA
RtlMoveMemory
SetConsoleCtrlHandler
SetEvent
SetFileApisToOEM
SetTapeParameters
UnlockFile

advapi32

CreatePrivateObjectSecurity
CryptDeriveKey
LogonUserA
RegLoadKeyW
RegQueryMultipleValuesW
RegQueryValueW
TrusteeAccessToObjectW

user32

DdeAbandonTransaction
GetMessageA
IMPQueryIMEW
LoadImageA
MapVirtualKeyA
SetWindowsHookExA

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 47KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE