3eda16137511298b4b6b94c133b1a52c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3eda16137511298b4b6b94c133b1a52c_JaffaCakes118
Size

135KB
MD5

3eda16137511298b4b6b94c133b1a52c
SHA1

96959f7063f05bfed14a376909a7adcc4ba824fe
SHA256

40da1e447c04379940f75da77b6d261fea0bc0adbe76b7f64f27410755ca5466
SHA512

5cb9e28ef1b5cf2038d1e379defae74a74ec4c187a5cdf76112e5463f74109f7dca8e8c766c657144cca5b364a4ae251f8db4fedb92f017c7ba8927580067c48
SSDEEP

3072:0Vmmmmmmmmmmmmmmmmmmmmm3mimmmmmmmmmm6mmmDzoX8yzpHSt5IqtT9wNewwkR:0Vmmmmmmmmmmmmmmmmmmmmm3mimmmmmD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3eda16137511298b4b6b94c133b1a52c_JaffaCakes118

Files

3eda16137511298b4b6b94c133b1a52c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

185b095ec90cb16c745a9b76856204cc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
ReadFile
LoadLibraryW
GetProcAddress
GetWindowsDirectoryW
GetModuleHandleA

user32

RegisterClassExA
CreateWindowExA
ShowWindow
UpdateWindow
GetDC
ReleaseDC
PostQuitMessage
InvalidateRect
BeginPaint
DefWindowProcA

gdi32

GetStockObject
SelectObject
GetTextMetricsA
SetBkMode
TextOutA

msvcrt

memcpy

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data5
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data4
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ