3e30fcde643e84fdea7c5d7e1b7ee208_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3e30fcde643e84fdea7c5d7e1b7ee208_JaffaCakes118
Size

177KB
MD5

3e30fcde643e84fdea7c5d7e1b7ee208
SHA1

42ab315d07363e97eb3f87737f896504db33e68c
SHA256

203828a5aa24f08f6da1d5e5cff93af079e9623cf22923b325deb5107481f5f7
SHA512

e0e287c3b25c651c288b220e575fa8052718b2ff19b85501031e57db9873935c81e7cfe8d58c3490303916dbd1462c03c3addddb6158824acfdd5b7584ee0285
SSDEEP

3072:JPRIIq/M/V1RYAFbGOnyiA6Hz4Z7eJP1HnNvfWpHrSrjug11jPVsQRwBZSn:J5IfU911Zvm6l3vfWQrjd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e30fcde643e84fdea7c5d7e1b7ee208_JaffaCakes118

Files

3e30fcde643e84fdea7c5d7e1b7ee208_JaffaCakes118
.exe windows:1 windows x86 arch:x86

561797a7e54656b4d166107dddc51984

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadPriority
VirtualAlloc
GetStringTypeExA
lstrcpyA
SetErrorMode
OpenMutexA
GlobalAddAtomA
SetUnhandledExceptionFilter
GetFileAttributesA
SetVolumeLabelA
DeleteTimerQueueEx
ClearCommError

ntdll

RtlGetLastWin32Error

advapi32

RegQueryInfoKeyW
AddAce

comctl32

InitCommonControlsEx

Sections

.text
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ