b35841d38bbf2533838397cbff00de1f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b35841d38bbf2533838397cbff00de1f_JaffaCakes118
Size

187KB
MD5

b35841d38bbf2533838397cbff00de1f
SHA1

646e3330d0c6ac6bf489fd1545e0eebd029aeb61
SHA256

3c9e87d340f4235324d202e77f3a77915b2177edf0d70bb7fd6a97619b80120a
SHA512

84ef1af640f0c5ffa213aa7d8be265d343fb577d8a53f72111b8972e285c4898ab62a163184121b95d69b3d0bc48dd2f4ec2380fb25002c47d8b303dad833e48
SSDEEP

3072:1CaumHEM0fKmpPpfywdpOufbz93f/1b9cWwAVrdmhZ4uwz/Uu5HOCbQ:NumH18KmpR9Fv9P/fcWwarL/Uu5HF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b35841d38bbf2533838397cbff00de1f_JaffaCakes118

Files

b35841d38bbf2533838397cbff00de1f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6711ba9940ea5ccce46a12b90db7d4fc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW
RegDeleteKeyW
RegSetValueW

kernel32

GetShortPathNameA
LoadLibraryW
GlobalFree
CreateFileW
GetFileInformationByHandle
GetProcAddress
GetCurrentThreadId
EnumResourceTypesW
GetLastError
ExitProcess
GetCurrentProcessId
CloseHandle
UnhandledExceptionFilter
GetModuleHandleW
GetVersionExW

msvfw32

ICOpen
ICSendMessage
ICClose
ICDecompress

user32

PostMessageW
GetWindowPlacement
SetCursor
SetRectEmpty
GetClientRect
InvalidateRect
AdjustWindowRectEx
FillRect

Sections

.text
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ