3e606f9cc7d1ad42a494dd45915e775b_JaffaCakes118 | Triage

Sharing

General

Target

3e606f9cc7d1ad42a494dd45915e775b_JaffaCakes118
Size

369KB
MD5

3e606f9cc7d1ad42a494dd45915e775b
SHA1

7d69b27e01ef6867bb1768c9d9cec4952d9c5db5
SHA256

aa701d51320728ed35f6c33dbf83d5c37c529189b7356ddb018cbce95408b9c4
SHA512

4b60f02d7493970b5d1d55aa1ac49c9d5fd527e56a0e949a57526201ba572eee19060dd8129a5b8e1872eb8a653d14481f8d45ad9227037932824be8c2b2a642
SSDEEP

6144:iYvlkt9yLZ/oZJJsiYlLgvbtd8HNME8iTtvfWeXM7ISt6/lVIHnByMhJ9k2y:DrLxopsiYlAbtd8ZZljSGPIHBLhbpy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e606f9cc7d1ad42a494dd45915e775b_JaffaCakes118

Files

3e606f9cc7d1ad42a494dd45915e775b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fb029e0c239f578ad0cdd62c194fd131

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetLastError
CreateFileMappingA
CloseHandle
FindClose
FindAtomA
IsDebuggerPresent
WaitForSingleObject
GetCalendarInfoA
GetConsoleAliasA
LocalFree
FreeEnvironmentStringsA
HeapCreate
TlsGetValue
GetACP
LoadLibraryExA
CreateFileA
GetConsoleCP
LocalUnlock
LocalLock

user32

CreateDialogParamA
DefWindowProcA
SetFocus
PostMessageA
GetDlgItem
GetMessageA
ScrollWindow
GetDC
DispatchMessageA
CallWindowProcA
IsWindow
CascadeWindows
GetIconInfo
DrawIconEx

msasn1

ASN1BERDecBool
ASN1BERDecEoid
ASN1BERDecCheck
ASN1BEREncFlush
ASN1BEREncLength

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ