b3b683885596a5b798d8c7303042be5d_JaffaCakes118 | Triage

Sharing

General

Target

b3b683885596a5b798d8c7303042be5d_JaffaCakes118
Size

336KB
MD5

b3b683885596a5b798d8c7303042be5d
SHA1

398c6d57daa6d710ec380b5c22284aabc7dcf489
SHA256

d9f9108b95f8a0309904b0257d05c74a6c5a93898fc60007c19e3f0c88fa59bc
SHA512

3a0ab3a761e6b021b73cdd06cf7bbaaa812990b389cf554034beb060b8ab90dd99968356ba51616cfbeb5f289c4eae46080451c0667b3f6894fc726bfb55b651
SSDEEP

6144:8Z9ISZXtMC0bck9VXomSVcJLsENLIaQ2G4pu3xPu6tdxDhfaGcd6yUWppsKnSxUE:U9ISt2C0FbSVgLT57hpu3xG6Lx1faTdi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3b683885596a5b798d8c7303042be5d_JaffaCakes118

Files

b3b683885596a5b798d8c7303042be5d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e315b24704dceebc077eb7f325619d2e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_stricmp
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
?terminate@@YAXXZ
_except_handler3
_makepath
_wmakepath
wcscmp
wcscpy

kernel32

GetCommandLineW
HeapAlloc
GetProcessHeap
GetCurrencyFormatW
HeapReAlloc
HeapFree
IsValidLocale
GlobalGetAtomNameW
GlobalDeleteAtom
SystemTimeToTzSpecificLocalTime
RaiseException
InitializeCriticalSectionAndSpinCount
WideCharToMultiByte
GetStringTypeExW
MulDiv
Sleep
GetTickCount
GetCurrentThreadId
LocalAlloc
LocalFree
GetLastError

oleaut32

SafeArrayDestroyDescriptor
SafeArrayDestroyDescriptor
VarWeekdayName
CreateErrorInfo
OleLoadPictureEx
GetErrorInfo
SetErrorInfo
GetActiveObject
VariantInit
SysFreeString

msimg32

TransparentBlt

Sections

.text
Size: 229KB - Virtual size: 261KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE