3d7ec89e9cac627e53e3b496c801f65d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3d7ec89e9cac627e53e3b496c801f65d_JaffaCakes118
Size

101KB
MD5

3d7ec89e9cac627e53e3b496c801f65d
SHA1

c413a41c7addb7d2df9f35016a8168123e8df9df
SHA256

e2c1038727c8f15df3322e864f6a92b7b21da16c2ede8b7609652b71e900ef86
SHA512

f615cc23600c659c8b0bd0ea927ac72ffa967cfe1cdbacbecfb195f838d8be0b3ffd50492c7596c83debffac1e41142bc6f0657c251c101f4fd5c424dcecc205
SSDEEP

3072:jHwmKRenIBtqePxd+z5DutiJ8bE3J3F5NSh2:jHfKRenIBLxUVu7b+J15N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d7ec89e9cac627e53e3b496c801f65d_JaffaCakes118

Files

3d7ec89e9cac627e53e3b496c801f65d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c2ef69385e8525a5da28b1b9737d1711

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

Polyline
GdiSetBatchLimit

shell32

Shell_NotifyIconA

advapi32

AccessCheckByTypeAndAuditAlarmW
RegisterServiceCtrlHandlerA
OpenServiceW
OpenSCManagerA
GetFileSecurityW

user32

UnloadKeyboardLayout
VkKeyScanW
SetSysColors
SetRect
SetCapture
RedrawWindow
OpenDesktopW
LoadImageW
GetWindow
TabbedTextOutA

kernel32

GetLastError
VirtualAlloc
SystemTimeToTzSpecificLocalTime
SetTimeZoneInformation
SetFileAttributesW
ReadConsoleInputW
LocalSize
GetVersion
GetTickCount
GetModuleFileNameA
GetBinaryTypeA
GetCommandLineA

comctl32

InitCommonControls

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ