3e67be3aa5de5fd370773f70a30a8569_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3e67be3aa5de5fd370773f70a30a8569_JaffaCakes118
Size

312KB
MD5

3e67be3aa5de5fd370773f70a30a8569
SHA1

4e64d5d5bfc5f55b4fb508f3e7fc156218fe8074
SHA256

56fcff063232e2dd0b9bc745280c2e5f9c93d5eecddd8b8ae0e3a1e68e45519d
SHA512

fb14fce2164c19f5548cf9db510696c449cc5bd1fb178c2aeb5023e4f97d981dd20eae39acb148461d4705cadb4339a50b560471afda523d980a590639c4e348
SSDEEP

6144:elsIEeqo4+xZwywPBDvlBFQ6QXP9R14PFk4WcFLntnGcoIe/M68ETmFd:feV4+xeywPBzzFQt4Fk4WcRtnGAe/M8u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e67be3aa5de5fd370773f70a30a8569_JaffaCakes118

Files

3e67be3aa5de5fd370773f70a30a8569_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5f8b41cb2b3fc7f92090ece0ddd76535

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResetEvent
VirtualProtect
ReleaseMutex
SetEvent
GetCommandLineA
Sleep
RaiseException
GlobalFree
GetACP
GetStdHandle
InterlockedExchange
GetSystemDirectoryA
LoadLibraryExA
FindFirstFileExA
GetLocaleInfoA
GetLastError
SetErrorMode
HeapCreate
EnterCriticalSection
RemoveDirectoryA
FindClose

user32

GetClassNameA
GetWindowTextA
ValidateRect
ReleaseDC
GetParent
ShowWindow
GetFocus
GetActiveWindow
wsprintfA
DrawTextA
IsIconic
SetForegroundWindow
FrameRect
EndPaint
BeginPaint
FillRect
GetWindow
FlashWindowEx
GetCursorPos

dnsapi

DnsStatusString
DnsApiAlloc
DnsApiRealloc
DnsApiFree
DnsFree

clbcatq

CoRegCleanup

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ