3b02eddafdb81be39fc5107531e13803_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b02eddafdb81be39fc5107531e13803_JaffaCakes118
Size

72KB
MD5

3b02eddafdb81be39fc5107531e13803
SHA1

a529d32c51d37c07b7a2ec763fda4c7a61214f11
SHA256

264f31f8038c4f93c7ee00452703bc78d444490bbd8b9a7f3dac152366e48418
SHA512

65dc7ea112fd98c7a4137e006a9b9c98c43af4fafd7377c5652baba2adee0ac09e55ef1192a62cba6c09eb79d2c216b967f195589dc37ecd9f1f1288628d628d
SSDEEP

768:bz50oZKdbf2QOGUTDMVPcQFZUdvbQ/fM5dX+9Nm04RsrHMHad25i4qdi:bz50gGUPMWLpbQ/UTO7msrp2E4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b02eddafdb81be39fc5107531e13803_JaffaCakes118

Files

3b02eddafdb81be39fc5107531e13803_JaffaCakes118
.exe windows:4 windows x86 arch:x86

65c87e6b49e104170a0b41ccf5593464

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
GetCurrentThreadId
GetDriveTypeA
IsBadStringPtrW
GlobalFlags
ReleaseMutex
WriteFile
TlsGetValue
ReleaseMutex
GetCurrentProcessId
FindAtomA
GetPrivateProfileStringA
GetFileTime
LocalFree
CreateEventW
lstrlenW
HeapCreate
InitializeCriticalSection
FindClose
GetEnvironmentVariableW

user32

DispatchMessageA
GetClientRect
IsWindow
DrawTextA
GetSysColor
GetKeyboardType
SetFocus
CallWindowProcW
EndDialog
CreateWindowExA
GetSysColor
DrawStateW
GetClassInfoA

rastapi

DeviceDone
DeviceDone
DeviceDone
DeviceDone
DeviceDone

clbcatq

DllGetClassObject

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 62KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ymzeqiu
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE