3cd65de5cf13cc10e34ce90334220f09_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3cd65de5cf13cc10e34ce90334220f09_JaffaCakes118
Size

18KB
MD5

3cd65de5cf13cc10e34ce90334220f09
SHA1

9510d21b329fe00b9d4b9e288a81469ede6d864b
SHA256

ab5e1a88600c0a43b2240487b84b1dae97983a3214b6acebb1a993257a3b411e
SHA512

c590a09e1b1acec789831a765acbeffa5cb94357602881706a9d6c11fb32bfffed8d591ca3baf38d4b18e6e0afbcddaf015c39968ce40a02c5956350f364d476
SSDEEP

192:BGU1vWP8YuWtTHnTNcHmNqnvn1GMwAGkMgUADQVpvHLz98WOsdZKBxTRy:sP5PTTWmqnnGFgrDKvHLzSWO8KBxo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cd65de5cf13cc10e34ce90334220f09_JaffaCakes118

Files

3cd65de5cf13cc10e34ce90334220f09_JaffaCakes118
.exe windows:4 windows x86 arch:x86

08828b01adb28ee33c328c84738c8d44

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLogicalDrives
IsDebuggerPresent
GetTimeFormatA
GetCommConfig
GetStdHandle
GetTapeStatus
GetACP
DeleteAtom
GetProcessVersion
HeapCreate
LoadLibraryExA
InterlockedExchange
GetCurrentThread
CreateHardLinkA
HeapDestroy
GetModuleHandleA
GetEnvironmentStringsA
VirtualProtect
GetCurrentProcessId
WaitForSingleObject
CreateFileMappingA

user32

SetForegroundWindow
BeginPaint
ReleaseDC
FrameRect
GetClassNameA
EndPaint
GetWindow
DrawTextA
ShowWindow
FillRect
GetFocus
GetParent
GetDlgItem
DragDetect
GetWindowTextLengthA
GetTitleBarInfo
SetActiveWindow
GetCursorPos
wsprintfA

advapi32

RegCloseKey
RegSetValueExA
RegFlushKey
RegCreateKeyA
RegEnumKeyA

setupapi

SetupCloseLog

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ