3c086b57d8b02ff97489a9bf64c8ccbd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3c086b57d8b02ff97489a9bf64c8ccbd_JaffaCakes118
Size

763KB
MD5

3c086b57d8b02ff97489a9bf64c8ccbd
SHA1

51ade17a83f123986f81db847e87740f230ccac8
SHA256

8dc35ed97c3c81b014327ba729509af2e6b6cb5588506f0860a04fd062f4911e
SHA512

39560b4131e4082b63b32d1069f9301dbef692217850cf2a0eafdd90a066d1ecfd38a442862e7d70640262d92c8dd775f8c3471f60759ebafc3a99a90ee9db81
SSDEEP

12288:DWAeWXwxwWKifMccAhF6zAxKH5Ik/O0B4opF5M9yj28ELDyCKx40WBrAyIn/Bvr:DjeS+FUOhkKS/Iyj5ELRKxU+9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c086b57d8b02ff97489a9bf64c8ccbd_JaffaCakes118

Files

3c086b57d8b02ff97489a9bf64c8ccbd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4be22c063e690c01e3f716173c9aa383

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
FindResourceA
OpenMutexW
GetModuleHandleA
VirtualQuery
GetCommandLineA
lstrlenW
CloseHandle
GetStartupInfoA
GetModuleFileNameW
ResetEvent
HeapDestroy
CloseHandle
DeleteFileW
Sleep
CreateEventA
GetCommandLineA
HeapCreate
GetTimeFormatA
TlsGetValue

user32

GetClassInfoA
GetWindowLongA
IsWindow
DispatchMessageA
CallWindowProcW
GetSysColor
DrawTextW
DispatchMessageA
FindWindowA
PeekMessageA
DestroyMenu
IsZoomed
CreateIcon

ntlanman

NPOpenEnum
NPOpenEnum
NPOpenEnum
NPOpenEnum

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 754KB - Virtual size: 753KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ