3dde6b821d87133b516c120cdbb14d4e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3dde6b821d87133b516c120cdbb14d4e_JaffaCakes118
Size

31KB
MD5

3dde6b821d87133b516c120cdbb14d4e
SHA1

6d775606d6128fa1763f65b7c7843c288afb88eb
SHA256

7f5b5d1a4e9bf6783b38402512e28567654a928ff602b28afdf70f555228ae31
SHA512

6134a59c73e94f26dad6599b9c7d3ba7a8cecb8bdea8215c1540242d991dad5e3ddbe167823a2aa8ee2d56cc90b1818c1f37d7625b729444f16fa6b25c3630fa
SSDEEP

768:IPtoXZbm5z+uA+/Z+CIgC+MUnTDvmqiVFt1u+U1L:xpbmRbxJ1C+MUTDuz8+Ul

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3dde6b821d87133b516c120cdbb14d4e_JaffaCakes118

Files

3dde6b821d87133b516c120cdbb14d4e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

36fc56cabb349b3061ec9709ebf9d16c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FatalAppExitW
GetStringTypeW
ReadConsoleOutputAttribute
CreateHardLinkW
GetSystemPowerStatus
GetAtomNameW
EnumSystemLocalesW
PrepareTape
DosDateTimeToFileTime
DisableThreadLibraryCalls
PrivMoveFileIdentityW
GetStdHandle
_lclose
GetCommandLineA
ExitProcess
GetStartupInfoA

user32

GetProcessDefaultLayout
FindWindowExA
IMPSetIMEW
DlgDirListA
DialogBoxIndirectParamAorW
InSendMessageEx
WCSToMBEx
CreateIcon

Sections

.text
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pvruj
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE