3b63a89345e6131b9852e34f2ffccd8a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b63a89345e6131b9852e34f2ffccd8a_JaffaCakes118
Size

384KB
MD5

3b63a89345e6131b9852e34f2ffccd8a
SHA1

f30c057947e90eaa20ca7118a22ebb2f1a728700
SHA256

0c71da66fbf39fc23e1d0d24efbb3a7a555c5ee6798eb95f4ac05f2454e24084
SHA512

44ae1501b1ca39de446600ce50f082a704d68f9384283890a68d26c4bf5b234e0624d33ee562eb4bd9e64ab8e32a62ff235b5f1fd8996eac0b1f03def96f0ed9
SSDEEP

6144:6IV3M8y6rLd8TqcnaKOgvZJzydMKLqaDwes8mIwTSDSvK2HFo9W9bRklC7BHaDqO:6y3MUrZkqcnjNW3oym/TTrHyKRklA6e1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b63a89345e6131b9852e34f2ffccd8a_JaffaCakes118

Files

3b63a89345e6131b9852e34f2ffccd8a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fb04653648529d4a9ce1c529cdcd4a64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

DrvGetModuleHandle
timeBeginPeriod
timeEndPeriod
CloseDriver

shlwapi

SHDeleteEmptyKeyW
SHDeleteEmptyKeyA
SHCopyKeyA
SHDeleteKeyA
SHQueryValueExW
PathIsRootA

user32

ReleaseDC

advapi32

RegLoadKeyA
GetUserNameW

kernel32

HeapAlloc
GetTickCount
GetSystemDirectoryA
GetCurrentDirectoryA
GetWindowsDirectoryA
HeapFree
GetDriveTypeW
lstrlenA
lstrlenW
GetFileAttributesW
BackupRead
GetWindowsDirectoryW
GetStdHandle
CloseHandle
CreateNamedPipeA
DeleteFileA
DuplicateHandle
GetConsoleMode
GetNamedPipeInfo
GetProcessHeap
GetBinaryTypeA
GetThreadLocale
GetComputerNameA

msvcrt

rand
toupper

version

GetFileVersionInfoA

ole32

OleRun

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 332KB - Virtual size: 330KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ