3fc9108c673ad87096f172f0252b878e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3fc9108c673ad87096f172f0252b878e_JaffaCakes118
Size

3KB
MD5

3fc9108c673ad87096f172f0252b878e
SHA1

c18d8949f0a22c6434ac8951542d6494bc856e3b
SHA256

f575f4453f40662d07284741739055d4faeed13746aaccf9b9eb150a7b2a4dc8
SHA512

8cc1277d1998b22ab193d6013bee802311b37d30912c792cb24d9d5bea90eac15b1fd03c60347439bf8dcdfe7a13aae100eb06ed77c5b3ad394dec1a9fdffea5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fc9108c673ad87096f172f0252b878e_JaffaCakes118

Files

3fc9108c673ad87096f172f0252b878e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6bb70d2a73e0ee4c196cfc03550d778c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
LoadStringA

kernel32

MultiByteToWideChar
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
GetModuleFileNameA
GetModuleFileNameW
GetVersionExA
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
RtlUnwind

gdi32

GetObjectA

winspool.drv

OpenPrinterA

advapi32

RegCloseKey

comctl32

ord17

oledlg

ord8

ole32

CoRevokeClassObject

oleaut32

VariantInit

Sections

.text
Size: 3KB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE