3fdce1d5a7d95476fc2936c1629c22aa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3fdce1d5a7d95476fc2936c1629c22aa_JaffaCakes118
Size

175KB
MD5

3fdce1d5a7d95476fc2936c1629c22aa
SHA1

3ea391b5cf86f55906fa3e36bad7f8198d49693d
SHA256

a7d3c759867f7a80e7a553b90413251ab35b2e3724740db19e878d434898adb5
SHA512

2dcc6ec7414a16b4f37b9d7ead974be8bf395807e77b34ccd5810a9346557b00e2db65cf53cf0eae28610d186c4f06b842c6d0c53a1b9a8c56121144876df05a
SSDEEP

3072:NYG9k7voXqJ8P5IHTK1Y09DbUG4ia0yZsJBAVlK0K83iRzQGqpna:+Wk7v3O1YYUG4PfYA3g83oQ7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fdce1d5a7d95476fc2936c1629c22aa_JaffaCakes118

Files

3fdce1d5a7d95476fc2936c1629c22aa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d7df6465ff3f7b6dda0a955c716826ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowTextA
EnumWindows
wsprintfW
GetWindowThreadProcessId
IsWindowVisible
wsprintfA

setupapi

CM_Get_Depth
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyA
CM_Get_DevNode_Status

kernel32

FindFirstFileW
GlobalAddAtomW
FindResourceExA
HeapFree
EnumResourceTypesA
FindNextFileW
SetLastError
EnumResourceLanguagesA
GlobalFree
LoadResource
RaiseException
SizeofResource
GetProcAddress
GetProcessHeap
EnumResourceNamesA
EnumResourceNamesA
InterlockedExchange
GetCommandLineA
GetModuleHandleA
FindFirstFileA
LockResource
MultiByteToWideChar
LoadLibraryW
HeapAlloc
LocalFree
GetCurrencyFormatA
CloseHandle
GetLastError
FormatMessageA
GetCurrentDirectoryA
Sleep

Sections

.text
Size: 94KB - Virtual size: 486KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ