3cbedabd1537fa3615d988a49d51e633_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3cbedabd1537fa3615d988a49d51e633_JaffaCakes118
Size

175KB
MD5

3cbedabd1537fa3615d988a49d51e633
SHA1

b34d4ca3fa7e67ab9a09eee125256e04c3d08f10
SHA256

65421f9397642d28bc6e30b716b75d2530792010461f9461dcae7c2f9e684652
SHA512

a4affdffd68622cea02bd97ff1316a3dbb3fb9111e5f017df528f3dbf8992f587d5a6d0a34dc22ca2fbcd93d5b71588cac2473cd32dd545b470934e7e7c8f0f0
SSDEEP

3072:rrknrxCvhFS4Q0pCAIS73DzteyLOETAPEbkcyNCymr+0Wbt0q57Toy:Urwhw4Qd3C3DTLOEnxsl0q5Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cbedabd1537fa3615d988a49d51e633_JaffaCakes118

Files

3cbedabd1537fa3615d988a49d51e633_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a92fa31ef8294968d6e50f6b5081784f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

CharNextW
TranslateMessage
CharUpperW
SetTimer
DispatchMessageW
KillTimer
SendMessageA
GetMessageW
PostThreadMessageW
GetDC
wsprintfW
UnregisterClassA

kernel32

lstrcpyA
MultiByteToWideChar
WideCharToMultiByte
lstrcpyW
LockResource
GetCPInfo
GetProcessAffinityMask
InitializeCriticalSection
lstrcpyA
lstrlenW
EnumResourceNamesW
GetACP
FindClose
lstrcmpiW
GlobalFree
OutputDebugStringW
GetTickCount
FreeEnvironmentStringsW
GlobalAlloc
GetLastError
GetModuleHandleW

shlwapi

PathCombineW
PathFileExistsW

oleacc

LresultFromObject
CreateStdAccessibleObject

ole32

CoUninitialize
CoTaskMemFree
CoInitialize
StringFromGUID2
CoRevokeClassObject
CoTaskMemRealloc
CoCreateInstance
CoRegisterClassObject
CoTaskMemAlloc
StringFromCLSID

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ