3cc667c26fcf486b13ffa975d5783efc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3cc667c26fcf486b13ffa975d5783efc_JaffaCakes118
Size

134KB
MD5

3cc667c26fcf486b13ffa975d5783efc
SHA1

c1789b43f573c52539700d9bf266ab2e17a22248
SHA256

4e110335fda66d3f93c559444f7fd8e54e15225afa5b6ce84e2174f304605fe7
SHA512

b9fe4a0167e5b53537dd3ca2d1e2bb46610ceee4da2eb066b81a1a79bd252cac074d83ba3db239d514551c8e7e84af1232cf8e6f72f35e28ef77735fc3755f2a
SSDEEP

3072:sg9QnwG9HAFNeukNJM56/UNxeGc9tAHjPElaZP1YPZUPmu:sIQn+Neuts/UfI9tABP2P5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cc667c26fcf486b13ffa975d5783efc_JaffaCakes118

Files

3cc667c26fcf486b13ffa975d5783efc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

70357c6a6f03b178b3d46fb1cd5cb740

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

S:\zdxgharo\fQEoylo\qrlYro.pdb

Imports

user32

InvertRect
GetMenuDefaultItem
wsprintfW
CharToOemW
RemovePropA
DeleteMenu
ShowWindowAsync
DrawIcon
GetClassInfoW
MapWindowPoints
DestroyCaret
OemToCharA

kernel32

IsBadCodePtr
VerifyVersionInfoW
lstrlenW
GetSystemDefaultLangID
SetEndOfFile
WaitCommEvent
CreateDirectoryA
HeapSize
CancelWaitableTimer
UnmapViewOfFile
DefineDosDeviceW
LeaveCriticalSection

shlwapi

StrCatBuffW

gdi32

CreateBitmapIndirect
CreatePen
GetBitmapBits
SetAbortProc
StretchDIBits
AddFontResourceW
GetTextCharsetInfo

Exports

Exports

?cfcnuiialBnrZfKbleHKwz@@YGJGE@Z
?KgeXbjmqhBqeniplz@@YGPAHMD@Z

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ