a3f82b3a913f94199ebfe235718e7f48_JaffaCakes118 | Triage

Sharing

General

Target

a3f82b3a913f94199ebfe235718e7f48_JaffaCakes118
Size

82KB
MD5

a3f82b3a913f94199ebfe235718e7f48
SHA1

2b3f4bedd7bc4bcf19434406170443fb69eee23e
SHA256

2cdeea11b331feea3e03f2afeb71e068d7f961e2feee700e9705dc164f00be0a
SHA512

1ed4310272f994e6daf4ea8a3539640d29ccbdb1eb26c22bcacbb441999279ac7072ff4449acd9d33bc9193b6ed7b2c7c96ed1f227a1b102a65bdb0cfab25f73
SSDEEP

1536:emP+tb9FpOF0riIRpw6pyolN5CsmEy0LBfdz3IW3Z3x62kRWI:eztb9WF0u+6myobfVy0L9dEW3Z3xX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3f82b3a913f94199ebfe235718e7f48_JaffaCakes118

Files

a3f82b3a913f94199ebfe235718e7f48_JaffaCakes118
.exe windows:5 windows x86 arch:x86

29e5774613eb149977022b153696713d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileW
AddAtomA
GetModuleHandleW
FlushViewOfFile
VirtualFree
LoadLibraryA
ExitProcess
GetModuleHandleA
CreateDirectoryExW
DeleteFileW
GetFileSize
VirtualProtect
GetFileTime
VirtualAlloc
ExitProcess
OpenMutexW
UnlockFileEx
FindNextFileW

msvcrt

isspace
_ismbclower
_except_handler2
getenv
is_wctype
rename
putchar
memcpy
abs
_wgetdcwd

comdlg32

GetFileTitleA
ChooseColorA
GetFileTitleA
ChooseFontW
CommDlgExtendedError
dwOKSubclass
WantArrows
GetOpenFileNameA

winmm

mciGetDeviceIDFromElementIDA
midiInGetErrorTextW
mixerClose
mmioSendMessage
mciFreeCommandResource
DefDriverProc
midiDisconnect

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ