3decd24798f78131d1bdc846e0a201dd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3decd24798f78131d1bdc846e0a201dd_JaffaCakes118
Size

14KB
MD5

3decd24798f78131d1bdc846e0a201dd
SHA1

81f69db83512d51112231a82f928d5d7162a970f
SHA256

d8d0a274083eba9c2dafb30957742e450e782e063001220d18810502071d7f2a
SHA512

bd6ccb269399b7ab221d9178e134085552783848ecb0568eff8088390fd7fc3aded4ec9b45248ce642ce1e13c8791dff6a3e242832ef566ca7a1e54b1489720d
SSDEEP

192:Bd5kl/AbKcTBNbHJVvkfE141ps+hPHZJJkUVTg0XD5mpDdax:Bk/qRBNLPkE47s+VHZJJk+T7FeEx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3decd24798f78131d1bdc846e0a201dd_JaffaCakes118

Files

3decd24798f78131d1bdc846e0a201dd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e6219cc1c79a37e321b2fcce97304bf8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadLocale
VirtualAlloc
SetEndOfFile
DeleteFileA
GetFileAttributesW
GetSystemDefaultLCID
FindResourceExA
AllocConsole
TlsGetValue
lstrcpyA
GetCurrentThreadId
GetOEMCP
TlsSetValue
IsDBCSLeadByte
SwitchToThread
GetModuleHandleW
TlsFree
GetCommandLineA
lstrcatA
GetModuleFileNameA
GetUserDefaultLCID

user32

IsWindowVisible
GetWindowTextA
GetWindowLongA
GetActiveWindow
InvalidateRect
GetClassInfoExA
ReleaseDC
GetWindowTextLengthA
GetFocus
IsIconic
ReleaseDC
GetForegroundWindow
CloseWindow
GetSystemMetrics
RegisterClassA
ShowWindow
GetWindow
GetDC
ValidateRect

version

VerQueryValueA
GetFileVersionInfoSizeA
VerInstallFileA
VerFindFileA
GetFileVersionInfoA
VerLanguageNameA

msctf

DllGetClassObject

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ