3e64ae42c35cb24468dee69f39543b4b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3e64ae42c35cb24468dee69f39543b4b_JaffaCakes118
Size

76KB
MD5

3e64ae42c35cb24468dee69f39543b4b
SHA1

f50c743d0b9a2d966aef6ee1049d9d4d5ae308a6
SHA256

18d2583917593876b33bf2e04e779e8db5892f531f7f3b2bb1c168e6c8573729
SHA512

3b64a188559b3e78f36bb55c184791d5fd89ea9a0caaff89dced94f5441f1eca8b42cee403938942450c64941bf290ec5a7342ee75525676ee2676a1029f35b5
SSDEEP

768:OeisFNAWHM+WZfxinTMpDBjZx3dADPc/F8EK+Ng3IB73PlJJw/hu0RS/yC0:Oe5FCWHM+GfxcTMfEIh3P3JwZu0XC0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e64ae42c35cb24468dee69f39543b4b_JaffaCakes118

Files

3e64ae42c35cb24468dee69f39543b4b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9772a771b43682ab3e567b676cf5182c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
CreateFileA
LockResource
LoadResource
SizeofResource
FindResourceA
FreeLibrary
GetProcAddress
LoadLibraryExA
lstrcmpiA
DeleteFileA
SetFileAttributesA
lstrcatA
GetStartupInfoA
ExitProcess
CloseHandle
GetModuleHandleA
lstrcpyA
GetLastError
SetLastError
GetSystemDirectoryA
GetCurrentDirectoryA
GetFileAttributesA
GetDriveTypeA
GetUserDefaultLangID
lstrcpynA
lstrlenA
CreateDirectoryA
EnumResourceNamesA
SetCurrentDirectoryA
GetCommandLineA
RemoveDirectoryA

user32

CharNextA
LoadStringA
wsprintfA
MessageBoxA

advapi32

RegOpenKeyExA
RegCloseKey
RegFlushKey
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegQueryValueExA

ole32

CoInitialize
CoUninitialize

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ