3b324f620a8b332eabe98ea068077116_JaffaCakes118 | Triage

Sharing

General

Target

3b324f620a8b332eabe98ea068077116_JaffaCakes118
Size

38KB
MD5

3b324f620a8b332eabe98ea068077116
SHA1

228df197783b72ea66155660bbfdc69bf7f16db3
SHA256

0eb7912c82017b2dc01630db8dbf54c4a3bc27c165beee5489fe32d8b3258558
SHA512

586fb2d38a7ca136393bba894479556bb033b4aa2170e75da7511a4433b0e15c93f4bcc509adae7b2fe408655fd4310ae2d6f72952ba52a2c9b744bab9e2ab56
SSDEEP

768:PRdHWcz4yZQ5w3PpQkz3sIhu3fcWnHC2GJknUsaqBZcPNjErvvpdRwhJ:ZFWI495wfiD7GJkJasZcPNjUvNwhJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b324f620a8b332eabe98ea068077116_JaffaCakes118

Files

3b324f620a8b332eabe98ea068077116_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8f77954e647970c0e6f47f2d1fee8440

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FoldStringA
RaiseException
GlobalDeleteAtom
CloseHandle
HeapCreate
GlobalFree
GlobalUnlock
SetErrorMode
EnterCriticalSection
InterlockedExchange
LockResource
GetLocaleInfoA
GetACP
GetStdHandle
SetConsoleCP
LoadLibraryExA
GlobalAddAtomA
VirtualProtect
GetDriveTypeA
Sleep
GetLastError

user32

EndPaint
DrawEdge
GetParent
GetFocus
GetClassNameA
GetMenuItemInfoA
ShowWindow
BeginPaint
DrawTextA
SetForegroundWindow
IsIconic
ValidateRect
CharToOemA
GetWindowTextA
GetActiveWindow
ClipCursor
GetCursorPos
ReleaseDC
GetWindow

version

GetFileVersionInfoSizeA
VerLanguageNameA
VerFindFileA
VerQueryValueA
GetFileVersionInfoA

rasadhlp

WSAttemptAutodialName

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 752KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ