3b596d8b3ccf137f0706670a119caf30_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b596d8b3ccf137f0706670a119caf30_JaffaCakes118
Size

751KB
MD5

3b596d8b3ccf137f0706670a119caf30
SHA1

1af0b5d472b66e4820517227eefb5c258d67e74f
SHA256

88e66b02240ce0320b6e1872d537a9b9358925837af7c2d9d3a50c1c5c924d37
SHA512

6f82bcf7eadc740bb61c27fdc20b29ea67ba815ba048f5b964fe79948f595911461770aa7d174c5bbdeedecad01c23f37f122074e1ea77456ef53395527e1915
SSDEEP

12288:NOz6+xqf0aQq/rvPLr4kfMZVSblnqGTLofRQdljwb+3qq3Tp+XuxLJ7L4/4wisZs:NOZJevTr47ZGC5Q5aq3F+XSe/r1Gcnd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b596d8b3ccf137f0706670a119caf30_JaffaCakes118

Files

3b596d8b3ccf137f0706670a119caf30_JaffaCakes118
.exe windows:4 windows x86 arch:x86

79824bfbae13aa49a684eaa0244dcc31

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
DeleteFileW
ExitProcess
VirtualAllocEx
GetModuleHandleA
WriteConsoleA
RemoveDirectoryA
OpenProcess
GetFileAttributesA
CreateMutexA
SetLastError
ReleaseMutex
GetCommandLineW
ClearCommBreak
GetStartupInfoA
GetEnvironmentVariableW
ResetEvent
SetConsoleCP
HeapSize
GetTickCount
SetEvent

user32

DispatchMessageW
GetDC
DispatchMessageW
FindWindowA
GetCursorInfo
GetCaretPos
GetClassInfoA
CallWindowProcW
GetWindowLongA
PeekMessageA
GetDC
GetDC
GetSysColor

linkinfo

CreateLinkInfoA
CreateLinkInfoA
CreateLinkInfoA
CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 745KB - Virtual size: 745KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ