b3d31e11950ff7d09752ba6005ae35f9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b3d31e11950ff7d09752ba6005ae35f9_JaffaCakes118
Size

116KB
MD5

b3d31e11950ff7d09752ba6005ae35f9
SHA1

14031d7e8da0111d191d4cee5fad8fc02416b30c
SHA256

c2e3977459282ff4afd32dcc6da90b4dd73b80468d8b3ceed26559cdd8116ef0
SHA512

9e7c710fc2652bdf23a8e6363c8f64a4f6f474757b0f2d708a761986e12612da85449a41fbd61be891eaf8af6c8594ba10d191c070f2059e400531e14ce3734a
SSDEEP

1536:UIPlDsdmYvG6l8zo6Ib+5tbDRX6xrtKXQ+5xYnRM6:UIPQTG6CDo+5Rsx5KX2ni6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3d31e11950ff7d09752ba6005ae35f9_JaffaCakes118

Files

b3d31e11950ff7d09752ba6005ae35f9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a4b766df6d0a71915dcb1d0a907fa825

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindAtomA
GetCurrentProcess
GetCurrentProcess
WriteConsoleInputA
GetCommandLineA
EnumSystemLanguageGroupsA
VirtualAlloc
ExitProcess
ResumeThread
WriteConsoleOutputCharacterW
GetVolumePathNameA
CommConfigDialogA
EnumResourceLanguagesA
GetPrivateProfileSectionNamesW
Toolhelp32ReadProcessMemory
FindNextVolumeMountPointA
GetConsoleTitleA
FindNextFileA
ShowConsoleCursor
PulseEvent
GetSystemTime
ExitProcess
ReadConsoleOutputA

user32

SetCapture
LockWindowUpdate
CallMsgFilterA
UnlockWindowStation
GetDlgItemTextA
InvalidateRgn
MapVirtualKeyA
LoadAcceleratorsA
GetClassWord
SetCaretPos
SetShellWindow
GetDCEx

gdi32

GetRasterizerCaps

Sections

.text
Size: 104KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textbbs
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ