3fd461f06b157c1bbf67acdb1a5b686d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3fd461f06b157c1bbf67acdb1a5b686d_JaffaCakes118
Size

34KB
MD5

3fd461f06b157c1bbf67acdb1a5b686d
SHA1

a7e058807d4c478ad1dcf970803cde71e8f99c1f
SHA256

1db675bc727e4a10f01e44b10e5c0abfa3eb3ea2e643f21b757c0451e3b9e215
SHA512

33326a3a6af4c93092565ce3d86e1f9a3de7c3e687ae879aadb00189e398d6659a353a28eabd2182edf11f18409acac2546f9c491ff2298750f57608bf376b24
SSDEEP

768:q6SmK6lclMldrmSDoPNR8ULYgrqi/PogVKwjH9q6DcEWTMC6FFWArEWEkb8wyC:xDoPNeErqiPxjH9hgEWwC6fWArEWTb8r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fd461f06b157c1bbf67acdb1a5b686d_JaffaCakes118

Files

3fd461f06b157c1bbf67acdb1a5b686d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

19b06480d57ef9742e4c397bc0fd7731

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassExA
SendMessageA
SetTimer
PostQuitMessage
TranslateMessage
UpdateWindow
MessageBoxA
LoadIconA
LoadCursorA
GetWindowThreadProcessId
GetSystemMetrics
GetSysColor
GetMessageA
GetDC
FindWindowA
EndPaint
DispatchMessageA
DefWindowProcA
CreateWindowExA
BeginPaint
ShowWindow

kernel32

VirtualProtectEx
TerminateProcess
ReadProcessMemory
OpenProcess
IsDebuggerPresent
GetProcAddress
GetModuleHandleA
GetLastError
GetExitCodeProcess
GetCommandLineA
ExitProcess
CreateMutexA
CreateFileA
CloseHandle
WriteProcessMemory

gdi32

TextOutA
CreateFontA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE