3bc79d53b83137a83f41c41923c97f41_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3bc79d53b83137a83f41c41923c97f41_JaffaCakes118
Size

395KB
MD5

3bc79d53b83137a83f41c41923c97f41
SHA1

398d1ad83a3fd0101de925b7dd8145953fdf9a45
SHA256

73aee4e4a1245ae9f240c1685eabb130bb3b2e613e2f740370036df823c1ac1c
SHA512

e0bd392422757de959cd8c9b8b198d5184ad4974d94b92494f1ba89cdd3324209ce8f6a42b95a9bfd5c1302014795cd8fdd41ca2bf48e794c9d83ed72be85087
SSDEEP

12288:B2/R6PiZLaoc+q40ZR6z3/VjzxPRshoQQ6emnK:B2pPZLaClW4z3/V5uZQSnK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bc79d53b83137a83f41c41923c97f41_JaffaCakes118

Files

3bc79d53b83137a83f41c41923c97f41_JaffaCakes118
.exe windows:4 windows x86 arch:x86

879610e80f4974b1444ed9441c976b52

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
ReleaseMutex
FindClose
WaitForSingleObject
CreateFileA
HeapSize
OpenThread
GetEnvironmentVariableA
DeleteFileA
GetConsoleTitleW
GetTickCount
GetFileAttributesA
GetStartupInfoW
Sleep
GetStdHandle
GetTickCount
GetModuleHandleA
GetLocalTime
WaitForMultipleObjects
SetLastError
CreateMutexW
RemoveDirectoryW
ExitProcess
GetCurrentDirectoryA
CloseHandle

user32

CallWindowProcW
DispatchMessageW
FillRect
DispatchMessageW
FindWindowW
GetWindowLongA
GetDC
GetSysColor
GetDC
GetClassInfoA
PeekMessageA
GetDC
MessageBoxA

vbajet32

VBAGetExprSrv
VBAGetExprSrv
VBAGetExprSrv
VBAGetExprSrv

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 624KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 428KB - Virtual size: 427KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ