3c080c1e204efb43217e23abd558c957_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3c080c1e204efb43217e23abd558c957_JaffaCakes118
Size

424KB
MD5

3c080c1e204efb43217e23abd558c957
SHA1

3078656be6d86cd26c24a52198c57915bae6f349
SHA256

edd6ae5286da7edb1e9759c869cc174cb4732b1e7288bb84359fc2890b6a639e
SHA512

be0a3fa6159d2a4678a4b65c8523d41d35bdf70b8b28d626a6dae94f544e4547e8a27f432f6324a75ce88f86fd5e0760f9f0c6c9f785c461ceec0459514456ae
SSDEEP

12288:26h5mf3I2iwDzgn3Y5h6sriJd1UXzyDT9S/ecz:JXa3Kw/gnShk1UDB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c080c1e204efb43217e23abd558c957_JaffaCakes118

Files

3c080c1e204efb43217e23abd558c957_JaffaCakes118
.exe windows:4 windows x86 arch:x86

00db6b4f5bf4e34f2681adcaa8aba12c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
RaiseException
GetLastError
VirtualProtect
CloseHandle
SetEvent
ResetEvent
GlobalFree
InterlockedExchange
FindFirstFileExA
LoadLibraryExA
GetLocaleInfoA
SetErrorMode
EnterCriticalSection
HeapCreate
GetLogicalDrives
GetStdHandle
GetCommandLineA
GetACP
ReleaseMutex
Sleep

user32

SetForegroundWindow
EndPaint
ValidateRect
GetWindow
GetClassNameA
GetFocus
FillRect
FrameRect
ReleaseDC
DrawTextA
BeginPaint
FlashWindowEx
IsIconic
GetParent
wsprintfA
GetCursorPos
GetWindowTextA
ShowWindow
GetActiveWindow

dsound

GetDeviceID
DirectSoundCreate
DllGetClassObject
DirectSoundCaptureCreate
DirectSoundEnumerateA

clbcatq

CoRegCleanup

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ