3b5e6a53f70cfc3c12e38afa64d78e9c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b5e6a53f70cfc3c12e38afa64d78e9c_JaffaCakes118
Size

636KB
MD5

3b5e6a53f70cfc3c12e38afa64d78e9c
SHA1

322bbd455c7957ca44172f6ee6d439b8a6daccf1
SHA256

642f775bffe9a0fb022d0bb0d82f4b282695c4bc8daf6f8e0095a333522710c1
SHA512

64620468985066e53f78630eaeea5f7d41bd3bf89f795fa6f8cba2893d38d192e7b0463fbd552eedcbca66b7c0454b3438cae4d2ed1fedafdecd28063899e83f
SSDEEP

12288:SAeFV4TULyn6WjrUpDLeswTzKuQ0Snf2ulV65CVJqP5:Q4T6ArU5Lo6Ou+uJqx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b5e6a53f70cfc3c12e38afa64d78e9c_JaffaCakes118

Files

3b5e6a53f70cfc3c12e38afa64d78e9c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5decc1700dd2fd0b1afeaa2b44fa47cf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultLangID
HeapCreate
GetModuleHandleA
CloseHandle
CompareFileTime
SuspendThread
GetAtomNameA
WaitForSingleObject
lstrlenA
SetConsoleCP
GetStdHandle
LoadLibraryExA
GetTickCount
GetVersion
GlobalUnlock
VirtualProtect
WaitForMultipleObjects
GetConsoleCP
GetCommandLineA
InterlockedExchange
HeapReAlloc

user32

GetCursorInfo
DragDetect
SetWindowPos
DestroyMenu
DialogBoxParamA
DispatchMessageA
InsertMenuA
FindWindowA
SetScrollInfo
FillRect
GetKeyState
IsDialogMessage
SetPropA
DragObject
GetDlgItem
InvertRect
CreateMenu
GetKeyboardLayout
DrawCaption
CreateIcon

winmm

CloseDriver
PlaySoundA
auxSetVolume
OpenDriver
auxGetVolume

version

VerQueryValueA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ