3734024ed1cddb44bb591d1206b3875a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3734024ed1cddb44bb591d1206b3875a_JaffaCakes118
Size

745KB
MD5

3734024ed1cddb44bb591d1206b3875a
SHA1

96afb084a091801959bd94e4cf98de65f0287551
SHA256

f0999adb2cf9ae3243865107eae197095af344a406c4a3f2b9ab30b02bd371ad
SHA512

3cef19d613bbad73c14d14a178975e4b816ff7651b3ff435ecfef58eeb22ee604449f1693f91952ab6d88b0c90d07eb89f422bc18f5797116bc96392e36d27c6
SSDEEP

12288:LhBP66HqWPqihA0mkGBIuJbUaR51X4j4pgUa9eX/qvtY3u/RGT6k6p3/KlbJthC:LeIqWPE0F4rJbFajJNA/qve3u/gT6k6y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3734024ed1cddb44bb591d1206b3875a_JaffaCakes118

Files

3734024ed1cddb44bb591d1206b3875a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

086db2b0d4f8264becb23028654d5ec8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SuspendThread
CloseHandle
GetModuleHandleA
SetLastError
GlobalLock
EnterCriticalSection
HeapFree
HeapCreate
GetCommandLineA
Sleep
IsBadReadPtr
GetFileTime
LocalSize
MapViewOfFile
SetFileAttributesW
GetCommandLineW
GetEnvironmentVariableW
ReadFile
GetCurrentDirectoryW
WaitForSingleObject
SetLastError
ExitProcess
GetDriveTypeA
GetFileAttributesA
GetFileType

uxtheme

GetWindowTheme
DrawThemeBackground
GetThemeBool
GetThemeTextExtent
SetWindowTheme
CloseThemeData
IsThemeActive
GetThemeTextMetrics
GetThemeEnumValue
GetThemeColor
OpenThemeData
DrawThemeEdge
CloseThemeData

deskmon

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 738KB - Virtual size: 738KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE