3cd2114327038221dd63e2c54f3b9e1c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3cd2114327038221dd63e2c54f3b9e1c_JaffaCakes118
Size

14KB
MD5

3cd2114327038221dd63e2c54f3b9e1c
SHA1

81def0371598c8dfce828521838aa4df5579c27f
SHA256

c04bd1ae5a6148529ac5cb0446fc9e445cfeb5b050641670ae5855dd460ce87d
SHA512

076dd98b175fa43d1012179394c81d31c90c44b0be6775ccb2bae14e712d9b341356d1f019774d7885ac02fbe3ef1018d98ffd0ebc52f9a854479710fc7b2137
SSDEEP

384:vmsFUU48dD7RGAM12CRHlHshcsqkbr34:vmyyWDMX12/V534

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cd2114327038221dd63e2c54f3b9e1c_JaffaCakes118

Files

3cd2114327038221dd63e2c54f3b9e1c_JaffaCakes118
.exe windows:1 windows x86 arch:x86

0971d1d616379820534265cd4486eae5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileW
DeleteCriticalSection
DisableThreadLibraryCalls
EnterCriticalSection
GetCurrentThreadId
GetLastError
GetVersionExA
InitializeCriticalSectionAndSpinCount
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
ReadFile
Sleep
UnhandledExceptionFilter

user32

CharNextW
CreateWindowExW
DestroyWindow
DialogBoxParamW
EndDialog
GetDC
GetDesktopWindow
GetDlgItem
GetFocus
GetParent
GetWindowLongW
IsDlgButtonChecked
IsWindow
KillTimer
LoadCursorW
LoadIconW
LoadStringW
PeekMessageW
PostQuitMessage

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ