Static task: static1
Behavioral task: behavioral1
Sample: 003b2e145b752f0e1099035b32d048de_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 003b2e145b752f0e1099035b32d048de_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 003b2e145b752f0e1099035b32d048de_JaffaCakes118
Size: 277KB
MD5: 003b2e145b752f0e1099035b32d048de
SHA1: 05ba5178df983092892230f3033a3bcd6993e9dd
SHA256: 1ef9c7282fdb73dcb971317858fc03a7d37003ca31b736faba424e2045f253ea
SHA512: 7fccff9ae3ab67955b99e7cc184ce745359342daa849b380394618498f02256e0dd437f2ec6b55bc7e97bad006cd3533b229548a5f54be57215509537aa822b4
SSDEEP: 6144:v3pZ4brBcBF/HnBU+VwB4k+cGwcJgTH9zt:vpZ64FnFqSk+kYo9
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: 003b2e145b752f0e1099035b32d048de_JaffaCakes118
Files
003b2e145b752f0e1099035b32d048de_JaffaCakes118.exe windows:5 windows x86 arch:x86
124ee49f59b930b122b9d6299c303026
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CloseHandle
WriteFile
CreateFileA
GetVersion
GetTickCount
GetLocalTime
GetSystemTime
lstrcatA
lstrcpynA
lstrlenA
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
FindAtomA
GetTempPathA
WaitForSingleObject
CreateProcessA
lstrcpyA
GetLastError
GetTempFileNameA
lstrcmpA
ExitProcess
RtlUnwind
VirtualQuery
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
user32
GetWindowRect
wsprintfA
EqualRect
GetCaretPos
InflateRect
IsWindowVisible
GetCursorPos
ClientToScreen
GetFocus
shlwapi
SHGetValueA
Sections
.text Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 263KB - Virtual size: 263KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE