Static task: static1
Behavioral task: behavioral1
  Sample: 3bf43dfb012b62c6b4ed5f7892e01c55_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 3bf43dfb012b62c6b4ed5f7892e01c55_JaffaCakes118.exe
  Resource: win10v2004-20241007-en
General
Target: 3bf43dfb012b62c6b4ed5f7892e01c55_JaffaCakes118
Size: 445KB
MD5: 3bf43dfb012b62c6b4ed5f7892e01c55
SHA1: ec247235165bb0113ec2d8d374e82e2e6eb50970
SHA256: 65485ef621ae76d68381a6289d01b0713b491b4e2b00dc03374731e9d419386e
SHA512: 43cd0ff3c2bc399056e5874bf50e880d2087a577a1c0a9eb3b6fb1193cacf818c0e1ca592540c3602a73f74ceec3fc6ea1755a26772e7dc9a108c85dd6b9e2d6
SSDEEP: 12288:oHf0AhgTUBPcaXQj0rs4DFdKm7KZoRyvMVXaYqEtP:oMR4BXApmYoKM8YqEl
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3bf43dfb012b62c6b4ed5f7892e01c55_JaffaCakes118
Files
3bf43dfb012b62c6b4ed5f7892e01c55_JaffaCakes118.exe windows:5 windows x86 arch:x86
7f3c54acbace24c6d2f0b31d53ccd68f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WriteFile
ExitProcess
GetFileSize
CopyFileA
AddAtomA
GetModuleHandleW
DeleteAtom
GetFileSizeEx
GetAtomNameA
GetModuleHandleA
CopyFileExA
ReadFile
GetFileAttributesA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetFileType
GetProfileStringA
user32
DestroyIcon
GetClassNameA
RegisterClassA
GetClassLongW
GetCursor
CopyIcon
GetWindowLongW
LoadIconW
GetClassInfoExA
DestroyCursor
GetClassWord
LoadCursorFromFileA
SetWindowLongW
RegisterClassExA
GetClipCursor
LoadCursorW
UnregisterClassA
GetCursorPos
GetCursorInfo
ShowCursor
GetClassInfoA
SetClassLongW
Sections
.text Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 5.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ