d3ef6513543ba07e1289137a7f65870b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d3ef6513543ba07e1289137a7f65870b_JaffaCakes118
Size

168KB
MD5

d3ef6513543ba07e1289137a7f65870b
SHA1

c7740537ac4614e38b4a0bd3185cff6a9f98fc0a
SHA256

c0a61aece0f4407167bae8b75236a134f25316ea98f57f3e49d808673ec7805b
SHA512

8bb59eef533bdf11e95bd02bcd28261acd0f8fb3d6f2567fb79a32fe6132b5792c72299428ea5ee173608ca61ef474ed0bd85bd421c6d235a0cdbe90214e0b5d
SSDEEP

3072:a3QMFan00CGh5Hin4+p2pbB1qji3hb5vaZ+vu9Tt+nwlsDtvKh3Ke7/kS2Z:a3lFax5H04RptSixRaZXvmDtvK9Ke7/E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3ef6513543ba07e1289137a7f65870b_JaffaCakes118

Files

d3ef6513543ba07e1289137a7f65870b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1fb1c0e213ddbbb523e8a8e7e39a7576

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
CompareFileTime
HeapCreate
lstrlenA
LoadLibraryExA
GetVersion
WaitForSingleObject
SuspendThread
SetConsoleCP
GetConsoleCP
GlobalUnlock
GetTickCount
GetCommandLineA
GetStdHandle
GetSystemDefaultLangID
GetModuleHandleA
VirtualProtect
InterlockedExchange
GetAtomNameA
WaitForMultipleObjects
CloseHandle

user32

InsertMenuA
CreateIcon
EnableScrollBar
DrawCaption
GetKeyState
FindWindowA
IsDialogMessage
CreateMenu
GetDlgItem
GetCursorInfo
DragObject
SetWindowPos
SetPropA
CopyImage
SetScrollInfo
DestroyMenu
InvertRect
DialogBoxParamA
GetKeyboardLayout
DispatchMessageA
FillRect

advapi32

RegCloseKey
RegEnumKeyA
RegEnumValueA
RegQueryInfoKeyA
RegCreateKeyExA

apphelp

ApphelpCheckExe

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 780KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ