3d98a1d11aab08bc038b99b41d50d981_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3d98a1d11aab08bc038b99b41d50d981_JaffaCakes118
Size

161KB
MD5

3d98a1d11aab08bc038b99b41d50d981
SHA1

010f94a2f53409aeb490227cd46a8f485be5952b
SHA256

1a83d1d5e09437c2ee69a0775b6ad4ac9c7d4649d729a074aa9b979672edd17b
SHA512

a9d4c69c0b0597c4cf949048d7021dc169aca7ce2773acf5b286c20ccc8b6195d3f44d7acee7808eb2a873b3c0838f0406989c355305b5c1cef0787e60bda4f1
SSDEEP

3072:dZvVHtFCz1LZ0KMjFWn22sHl7WZ04E6KN9u0UDDo7JF6B/Gm2Msdi9nPkD:d1V7Cz1LSKMjFWn2rHtWi4kg0kU7JF6S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d98a1d11aab08bc038b99b41d50d981_JaffaCakes118

Files

3d98a1d11aab08bc038b99b41d50d981_JaffaCakes118
.exe windows:4 windows x86 arch:x86

730e881c453d40ed89697267dddc3597

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
CloseHandle
ExitProcess
HeapCreate
WaitNamedPipeA
FindClose
GetACP
GetConsoleCP
GetModuleHandleA
LocalFree
FindAtomA
LoadLibraryExA
GetConsoleAliasW
GlobalUnlock
CreateFileMappingA
CreateFileA
FreeEnvironmentStringsA
Sleep
LocalLock
GetLastError

user32

GetIconInfo
IsWindow
CopyRect
CheckRadioButton
DefWindowProcW
GetDlgItem
GetDC
DispatchMessageA
FillRect
DrawEdge
GetFocus
CallWindowProcA
DrawFrame
MessageBoxA

clbcatq

SetSetupOpen
InprocServer32FromString
GetCatalogObject
SetSetupSave
GetComputerObject

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ