3feaaf410ad7007e1ad7caaf9df70a48_JaffaCakes118 | Triage

Sharing

General

Target

3feaaf410ad7007e1ad7caaf9df70a48_JaffaCakes118
Size

318KB
MD5

3feaaf410ad7007e1ad7caaf9df70a48
SHA1

5972378f125a56d457dcc47b9b9865a3c1c59556
SHA256

1409a6bd3327ab2ae58ceab9f2bdf1797612cda93b4367f62f4826e2f417e365
SHA512

eb26bdfb5fb848cbcbb16117d65dd7d1d1ec1e322b907a29eaa0d321f976710c059498743b28d15b829f1f394eab7943bd92c7f50ec6d704150b58559c461b23
SSDEEP

6144:IgmWGRfN6uWHrUr2QeJ8cVS7mpteh3Dzah6uvnFJyQdhdgwV:IgmhfN6u4UST9smptI/JuPX79

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3feaaf410ad7007e1ad7caaf9df70a48_JaffaCakes118

Files

3feaaf410ad7007e1ad7caaf9df70a48_JaffaCakes118
.exe windows:5 windows x86 arch:x86

138152e082d82ca8c425889d481895c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalHandle
GetWindowsDirectoryA
GetTempPathA
ExitThread
PulseEvent
SetConsoleScreenBufferSize
Heap32ListNext
LocalUnlock
ExitProcess
VirtualProtect
GetModuleFileNameA
GetVersionExA
VirtualAlloc
GetTempFileNameA
GetPrivateProfileIntA

user32

GetClipCursor
PostThreadMessageA
GetForegroundWindow
PostThreadMessageW
GetClassNameA
LoadLocalFonts
DrawCaptionTempA
RedrawWindow
GetMenuStringA
ArrangeIconicWindows
BroadcastSystemMessageExA
IsWindowInDestroy
RegisterDeviceNotificationA
DrawEdge

Sections

.text
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 61KB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 190KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ