3e8b0e85d9252b9ec363831c0003215f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3e8b0e85d9252b9ec363831c0003215f_JaffaCakes118
Size

787KB
MD5

3e8b0e85d9252b9ec363831c0003215f
SHA1

5efead6feef7938d9898991ed188173ed4c7445f
SHA256

68e9d979ea05bb4ff6b861128412f98438623c8239818c2bfcc6d49112414e38
SHA512

1ed8ea4fbae886e39970c15fa513314c07d6cf4c1163a4ffb72ebfee55609f31e18019158341312070a88836374e34795b96e4d593121aab2125584cf29bb981
SSDEEP

24576:vLjFNj5Wf7bHSeTip4KZKB/Ne42RetMybwOo1+:fFJofH3I4ah42RetMybwOoY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e8b0e85d9252b9ec363831c0003215f_JaffaCakes118

Files

3e8b0e85d9252b9ec363831c0003215f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

40ce75793ce3a593fbe80d41bef6faa3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetConsoleMode
LoadLibraryExW
TerminateThread
LocalFree
lstrlenW
SetLastError
TlsGetValue
Sleep
GlobalUnlock
GetStdHandle
FindResourceA
CloseHandle
CreateMutexA
CreateFileA
SetEnvironmentVariableA
PulseEvent
HeapCreate
ReleaseMutex
GetModuleHandleA

user32

CopyRect
GetDC
IsWindow
GetIconInfo
DispatchMessageA
GetDlgItem
FillRect
CheckRadioButton
CallWindowProcA
DefWindowProcW
DrawMenuBar
DrawEdge
SetFocus

uxtheme

GetThemeColor
DrawThemeIcon
GetCurrentThemeName
GetThemeBool
CloseThemeData

dpnet

DirectPlay8Create

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 778KB - Virtual size: 778KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ