3cc700ac472034ee9429b84e704bdb2d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3cc700ac472034ee9429b84e704bdb2d_JaffaCakes118
Size

16KB
MD5

3cc700ac472034ee9429b84e704bdb2d
SHA1

fcb1d39d32c399c9da4f90500ad98c588ff6c5f8
SHA256

1ee0c015b247c826d3798800465d26592a33ce0026148f7d1e0501c952154cd7
SHA512

18b2804d407a7b35eede96eb3cf621333fa273f81b43310a3978a99ae0f266381f15b1c21f6433d14d9ea6c2d662eecf0de0a00999b8546e5d3718efeb4d3a09
SSDEEP

384:FEFlPSxqicWccwoTkSI0hUCneNk/O4FY8A/G:FYd9/WbrTxbMk/OCYXG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cc700ac472034ee9429b84e704bdb2d_JaffaCakes118

Files

3cc700ac472034ee9429b84e704bdb2d_JaffaCakes118
.exe windows:1 windows x86 arch:x86

3203d6aa7bbc768cb69f4d46816a4f08

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreateMenu
LoadKeyboardLayoutW
DestroyCursor
GetMessagePos
TileChildWindows
UnregisterDeviceNotification
EnumWindowStationsA

kernel32

OutputDebugStringA
WaitNamedPipeA
OpenSemaphoreA
LoadLibraryW
SetCalendarInfoA
TransmitCommChar

comctl32

ImageList_GetImageRect
CreateUpDownControl
ImageList_GetIconSize
_TrackMouseEvent
FlatSB_GetScrollRange
FlatSB_EnableScrollBar

ole32

HICON_UserUnmarshal
HMENU_UserUnmarshal
CoInitialize
StgOpenAsyncDocfileOnIFillLockBytes
CreateItemMoniker
CoFreeAllLibraries

msvcrt

getwchar
_scalb
_mkdir
_execlpe
_safe_fdiv
_safe_fdivr
_mbclen
realloc

Sections

.idata
Size: 10KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 916B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ