3ac5bb3a3252b8d5cb36fe3e4ea03483_JaffaCakes118 | Triage

Sharing

General

Target

3ac5bb3a3252b8d5cb36fe3e4ea03483_JaffaCakes118
Size

44KB
MD5

3ac5bb3a3252b8d5cb36fe3e4ea03483
SHA1

1da31f90b117d930adfae39e6ad6b1168073786e
SHA256

237630376dab9121ef492aff65acade9c434c3fea6f5d7e52ba0d87f67538399
SHA512

c8b3bb39c8a447d5fa50ff439c9156666cda79b2d18aed7eb9c5299cca94b85510235db33c21acc9bb59d3d315f2608882e920489054d3c7dde1f024f135f9ed
SSDEEP

768:YlZ/jytMo9cQzTGfmgcqurqHt4msFZ/jytMo9cQ:YbeeoKQVgurat4meeeoKQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ac5bb3a3252b8d5cb36fe3e4ea03483_JaffaCakes118

Files

3ac5bb3a3252b8d5cb36fe3e4ea03483_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eef3de2bcd75749f3dc8d31448d99734

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextFileA
Sleep
CopyFileA
SetFileAttributesA
GetModuleFileNameA
GetModuleHandleA
FindFirstFileA
GetDriveTypeA
SetProcessWorkingSetSize
GetCurrentProcess
GetLogicalDriveStringsA
ResumeThread
CreateThread
WriteProfileStringA
CloseHandle
GetWindowsDirectoryA
ExitProcess
GetLastError
CreateMutexA
WinExec
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetCPInfo
GetACP
GetOEMCP
WideCharToMultiByte
MultiByteToWideChar
RtlUnwind

user32

TranslateMessage
DispatchMessageA
GetMessageA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE