3fc696396f265637c35da20a6a7d9a92_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3fc696396f265637c35da20a6a7d9a92_JaffaCakes118
Size

469KB
MD5

3fc696396f265637c35da20a6a7d9a92
SHA1

94a453675d9c9c561f4ee669374e2d7cadb6f496
SHA256

9bf08aea46f814f834b4c7ed6b800c48c46a0189706049967c04f7fa892534cd
SHA512

ce7e4675f2ecb4e527f23dc9d3b5d18dbdf69c316e939c7c5570aebaec9ac5f139c28bf1afd15dac6e53285542595520e290fb04555285cfbd40aa96f4b155c7
SSDEEP

12288:eElAsBY7tsSu4w/5cLZqEzTIm4Xw+uDHZAe:eOGps445cLZxIHXwxAe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fc696396f265637c35da20a6a7d9a92_JaffaCakes118

Files

3fc696396f265637c35da20a6a7d9a92_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5f2df7257758bf2707e2911007001ebd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResetEvent
CreateThread
LoadLibraryA
FindResourceA
GetModuleHandleA
LocalAlloc
LocalFree
GetCommandLineW
GlobalAlloc
GlobalFree
SetEvent
CreateProcessA
ExitProcess
GetTickCount

user32

GetClientRect
GetWindowRect
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
ShowWindow
UpdateWindow
CreateWindowExA
LoadBitmapA
SendMessageA
DestroyWindow

Sections

.text
Size: 48KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.
Size: 356KB - Virtual size: 628KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ