3a7689c3e887899a62decff20e46df7d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3a7689c3e887899a62decff20e46df7d_JaffaCakes118
Size

269KB
MD5

3a7689c3e887899a62decff20e46df7d
SHA1

1c3703f22d7f593d9bb312083d9a8ebe26faab8d
SHA256

e3f555713a5cf6eec928684d1d53304620a3dcc30242a22de30e58db3643b935
SHA512

857a5eee140bf99f77f6de1f6612835d79da1b72db6a2f64a7e68fa6d7a0f00fd6776e0b1acb3dd2855ce2673098ae64132f5aa3d5b6f6acdb223687957fd546
SSDEEP

6144:ggKlkirKqKOWIAgeM3gt2yW72qyfuJjxk9c:gh6+TWOQt2X72RfaK9c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a7689c3e887899a62decff20e46df7d_JaffaCakes118

Files

3a7689c3e887899a62decff20e46df7d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4e15515fe4045ad2e39eb56537a30fd3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDlgItem
GetWindowTextA
DrawTextA
IsMenu
LoadMenuA

advapi32

RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteValueA

kernel32

lstrlenA
DeleteFileW
ExitProcess
WriteFile
GetLocalTime
FlushFileBuffers
FormatMessageA
CopyFileA
FreeResource
GetFileType
CopyFileExA
GetCommandLineA
GetPriorityClass
DeleteFileA
CreateDirectoryA
CompareStringA
ExitThread
HeapFree

Sections

.cea2g
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.6ga42
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eeaf
Size: 218KB - Virtual size: 485KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.2geg5
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.9e0ff
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE