3fb7598666d9c614c5df3f4697bd6e5a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3fb7598666d9c614c5df3f4697bd6e5a_JaffaCakes118
Size

6KB
MD5

3fb7598666d9c614c5df3f4697bd6e5a
SHA1

e696198b6641cd6b7d9d440096c254f4c0e72117
SHA256

d4e47eadaee84163d1742c94eff5fc66fd4c05d2a9689089ee2f16312dad75a8
SHA512

d0e00d69e4cf09930c37594a5334eaed082796a0f4a9a282d38c2d649d0cecbde4e5187a45a5bcd48887a7c711936f30027d97997c5c783e584280ee642302d3
SSDEEP

96:Z1C1s2EuYQZL/2/nJTatKivj9qBHgrHWmdO1UHMKzXshbH8gGsLUwwFKJtZ:72K4tKIBWAr2mjshbH8RsLUwwFKJtZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fb7598666d9c614c5df3f4697bd6e5a_JaffaCakes118

Files

3fb7598666d9c614c5df3f4697bd6e5a_JaffaCakes118
.exe windows:1 windows x86 arch:x86

85b28eaf66404becf3c2c712e58a545e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetCommandLineA
CreateMutexA
CreateThread
CreateEventA
SetEvent
CreateFileA
ReadFile
WriteFile
WaitForSingleObject
CloseHandle
GetLastError
SetThreadPriority
ExitProcess

user32

RegisterClassA
CreateWindowExA
DefWindowProcA
GetMessageA
SendMessageA
DispatchMessageA
LoadCursorA
LoadIconA
GetDC
ReleaseDC
GetWindowRect
EnumDisplaySettingsA
GetSystemMetrics
PostQuitMessage

gdi32

CreateDIBSection
CreateCompatibleDC
SelectObject
DeleteObject
DeleteDC
CreateFontIndirectA
SetDIBColorTable
BitBlt

comdlg32

GetOpenFileNameA
GetSaveFileNameA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE