3c6691052dfc5b0d846efe5ab7f88554_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3c6691052dfc5b0d846efe5ab7f88554_JaffaCakes118
Size

72KB
MD5

3c6691052dfc5b0d846efe5ab7f88554
SHA1

d31f8a07e17b46522a3d49264961b788d8cbc220
SHA256

97b0923b86a8f5d7445af7bdb64fa879c2707a0090c5d8dae4e562769c261f8c
SHA512

a2f342062db1c6bbfa7f90504842a475986c4ae92b6f87ffa8491b45375b8bb35f02792c0bc7684a44ee91c7c0dad9a88ac0793f655c75bdb06f012cc22a99ed
SSDEEP

768:aROzxsAkJA715ucvV2KnQZOtztkeqFPkDzyHbxtQYdhyiioR2TZeDZHPP7IpB0x/:aRqxN/JVDZtV5wKIRyZeFnUrYQQCtt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c6691052dfc5b0d846efe5ab7f88554_JaffaCakes118

Files

3c6691052dfc5b0d846efe5ab7f88554_JaffaCakes118
.exe windows:4 windows x86 arch:x86

230a6002e3450c556c3382d343e6af83

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
FindClose
GetFileType
GetTempPathW
GetModuleHandleW
CloseHandle
GetModuleHandleA
CreateFileW
CreateFileA
GetTempPathA
GetStartupInfoA

user32

DrawTextW
IsWindowVisible
DeleteMenu
GetWindowRect
BeginPaint
ChangeDisplaySettingsA
DefWindowProcA
IsWindowEnabled
ShowWindow
GetWindow
DestroyWindow
EnableWindow
CloseWindow
CloseClipboard
CreateWindowExA
DrawTextA
EmptyClipboard
GetWindowTextA
DefWindowProcW
GetWindowTextW

gdi32

CreateCompatibleDC

advapi32

RegCloseKey

oleaut32

SysAllocStringByteLen
CreateErrorInfo
SysAllocString
SysAllocStringLen
SetErrorInfo
SafeArrayCopy
GetErrorInfo
SafeArrayCreate

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
strcmp

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ