3cdb69abe86f696fc333050b94caada0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3cdb69abe86f696fc333050b94caada0_JaffaCakes118
Size

40KB
MD5

3cdb69abe86f696fc333050b94caada0
SHA1

1e8a1d48f147a3072472ff6e53ab5dd35c0c4688
SHA256

ab21248163c9e44b8cdeefb9f2083ac869fc0496c2e510801396ad5c76a4ff08
SHA512

1f45b2f76213bfcbacb9bbcb234c6b8bef2836dc4891916cf227392823417a6e39993cd60e093e2583956f788d309ddff8aa9680ed8ad78a072866669246a6a3
SSDEEP

768:yA6F3yK52v5sAQWU1RuYjcjCSJ/UpddMpxpPxAypeFC3:C3PAXQ549jCSZQddUfheW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cdb69abe86f696fc333050b94caada0_JaffaCakes118

Files

3cdb69abe86f696fc333050b94caada0_JaffaCakes118
.exe windows:1 windows x86 arch:x86

3f84f7f43684728efc29ae74b47d0b27

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DuplicateHandle
ExpandEnvironmentStringsA
GetCommandLineW
IsDebuggerPresent
Beep
GetLocalTime
GetSystemTimeAsFileTime
ExitProcess
lstrcpyW
CopyFileA
GetTickCount
LoadLibraryW
GetProcessHeap
CreateNamedPipeA
GetTempFileNameW
lstrcmpiA
CopyFileExW
CreateEventA
GetProcessHeaps
GetShortPathNameW
CreatePipe
GetTempPathA
GetProcAddress
FileTimeToSystemTime
MultiByteToWideChar

user32

SetWindowTextA
DialogBoxParamA
GetKeyboardLayout
FindWindowW
ClientToScreen
WinHelpW
PeekMessageW
InsertMenuItemW
GetForegroundWindow
FindWindowA
GetMenuItemRect
MessageBoxA
SetParent
LoadBitmapA
MoveWindow
CreateDialogIndirectParamA

gdi32

FillPath
SaveDC
CreateDIBSection
MoveToEx

advapi32

RegReplaceKeyA
RegDeleteKeyA

comdlg32

PageSetupDlgW
PrintDlgW
GetSaveFileNameA
ReplaceTextW

shell32

SHBrowseForFolderA

ole32

CoDisconnectObject

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ