3fb6e3055c4adf5f810c7f83e8a987d7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3fb6e3055c4adf5f810c7f83e8a987d7_JaffaCakes118
Size

174KB
MD5

3fb6e3055c4adf5f810c7f83e8a987d7
SHA1

35b710cb99fde5e2b8ff5625bfe60bb4f93249ba
SHA256

a26a19b5adf694a6a53475b2ba972d3502770037b5e7fdda83e9fa7655587fea
SHA512

c0a82ef181a678e14adce40c35adf2e50b36ddbbf5e0d36cff367e1a3af3ad4a1c2a46b9760cb5e5f6784bf6f172106321cdafdf0b2ec182124c06a7f2cd08cd
SSDEEP

3072:Nyu8kclhpbJUmOYzwhCYCOGl+teZireRIVPr92o9QbJybdd3X10i1g+29j787aUT:NTMpbGmsCYTGQttreRCPZ2o9eJyby2gw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fb6e3055c4adf5f810c7f83e8a987d7_JaffaCakes118

Files

3fb6e3055c4adf5f810c7f83e8a987d7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bc5a2bedb7240ed3e31bef0b64dcb574

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wtsapi32

WTSEnumerateSessionsW
WTSQuerySessionInformationW
WTSFreeMemory
WTSUnRegisterSessionNotification
WTSRegisterSessionNotification

kernel32

GetTickCount
LoadLibraryExW
LocalAlloc
HeapFree
GetSystemTime
SystemTimeToFileTime
WideCharToMultiByte
CloseHandle
HeapAlloc
HeapReAlloc
GetCurrentProcess
HeapSize
GetCurrentProcessId
CreateFileW
RaiseException
GetStartupInfoA
HeapFree
GetLocaleInfoA
lstrlenW
LoadLibraryW
GetStdHandle
GetThreadLocale
GetACP
HeapDestroy
TerminateProcess
EnumResourceTypesW
InterlockedCompareExchange
CompareFileTime
Sleep
UnhandledExceptionFilter
GetSystemTimeAsFileTime
lstrlenA
GetModuleHandleA
GetCurrentThreadId
GetEnvironmentVariableA
QueryPerformanceCounter
InterlockedExchange
WriteFile
GetProcessHeap
MultiByteToWideChar
IsDebuggerPresent
SetUnhandledExceptionFilter
CreateProcessA
lstrcpynW

oleacc

LresultFromObject
AccessibleObjectFromEvent

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ