b3f592a0c5a88ddaf2b53b35b3a309fe_JaffaCakes118 | Triage

Sharing

General

Target

b3f592a0c5a88ddaf2b53b35b3a309fe_JaffaCakes118
Size

260KB
MD5

b3f592a0c5a88ddaf2b53b35b3a309fe
SHA1

4106c58f42d976cb446c1ac45d6ecad8e55ffedd
SHA256

45311d87214ce8d47d55fd1b69161856f32ee38b2965ffde3c25dc4edba79447
SHA512

a084ee207863d5c0fd83335be0c4ea889476d40c21aff2232bf8fba60f3e53e1e31ff3d88a81f4336fb5a6e34fc394b6151a347d959361e523cbe2b84ae2f6aa
SSDEEP

3072:xm9v5NWZ+14hGIK/4MSUhM187r28YwONb8BxM03aEFUpnxsrOUPZP:M9vWbGR/PM1WNlGQLM03aEAxsrHt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3f592a0c5a88ddaf2b53b35b3a309fe_JaffaCakes118

Files

b3f592a0c5a88ddaf2b53b35b3a309fe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fff5c795c0b29ec390747d816fb089fe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
GetTickCount
GetCommandLineA
RemoveDirectoryA
GetConsoleOutputCP
SetCurrentDirectoryA
GetCurrentThread
GetProcessHeap
lstrlenW
GetDriveTypeA
GetACP
GetModuleHandleA
GlobalFindAtomA
GetUserDefaultLangID
SetLastError
GetCommandLineW
VirtualAlloc
MulDiv
IsDebuggerPresent
GetLastError

gdi32

MoveToEx
UnrealizeObject
RestoreDC
GetPixel
LineTo
OffsetViewportOrgEx
SetColorSpace
SetBrushOrgEx
BeginPath
EndDoc
ExcludeClipRect
GetStockObject
GetPaletteEntries
SetTextColor
GetTextMetricsA
GetDeviceCaps
SetViewportOrgEx

user32

CharNextA
GetInputState
GetDesktopWindow
GetMessagePos

comctl32

InitCommonControls

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 79KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gwkudgi
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE