Static task: static1
Behavioral task: behavioral1
Sample: 3e4ec395999fad385ae379ff3ea528e3_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 3e4ec395999fad385ae379ff3ea528e3_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 3e4ec395999fad385ae379ff3ea528e3_JaffaCakes118
Size: 143KB
MD5: 3e4ec395999fad385ae379ff3ea528e3
SHA1: 8a187cbb24cd69898815c8cbc4baf996923b7f99
SHA256: a0a53cbc0504fbd67516cc1ce2c4c762ca4d7c0d67293f0482f1b442e81ec25a
SHA512: 7143542bfbedd9a272abfa24069c90eafc468a120be6a18aa6e172796e98fc99ae6c1ac91daf5df01e207f5c81748a78c4c7477af5ad6bd64f66d9f36e72ddec
SSDEEP: 3072:Dw8jQFTxqpHAsaDLwk1D8Yaf9cOupm3ftje4J:D1Q52AZwkqYaf9zftje
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3e4ec395999fad385ae379ff3ea528e3_JaffaCakes118
Files
3e4ec395999fad385ae379ff3ea528e3_JaffaCakes118.exe windows:4 windows x86 arch:x86
6bb30ebf740512235da3d15a2e2d5833
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SearchPathA
GetSystemTimeAsFileTime
ReadConsoleInputW
WaitNamedPipeA
CreateProcessW
user32
MessageBeep
EndTask
GetKeyboardLayoutList
MBToWCSEx
GetAncestor
DefMDIChildProcA
UnhookWindowsHookEx
shell32
SHAddToRecentDocs
ExtractAssociatedIconExW
gdi32
GetCharWidth32A
CombineTransform
EngLockSurface
PtInRegion
GetEUDCTimeStampExW
SetGraphicsMode
GdiFlush
IsValidEnhMetaRecord
RemoveFontResourceExW
GdiStartPageEMF
GetBkMode
MirrorRgn
GdiTransparentBlt
EqualRgn
GdiEntry13
Sections
.code Size: 9KB - Virtual size: 238KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 129KB - Virtual size: 130KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pack32 Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ