3d5055752aa41c78f866f9bff719a8cb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3d5055752aa41c78f866f9bff719a8cb_JaffaCakes118
Size

158KB
MD5

3d5055752aa41c78f866f9bff719a8cb
SHA1

ac78e1c761ca71924dcfefe4dbfedd1be83fd19a
SHA256

b694d701f116cfd59c7b0912d4acfed9b4a3368394a9299121fa1cd5fb493717
SHA512

2081e7bcdd3c7402da246da06a6aad53c570a5d07aa0bdb899d1cc911833c01bea3a19d3b1fe9129a34dad6fe442e9304087e2eec20a63c476ddf47e0db0ae0c
SSDEEP

3072:v1JukDB14dApRNq7/enSj14GV9J4UpwVoDn6v6j5PA1OGKNmMfiGAr7E9Iq:v1JukDBymLNqzxj+M9/JqQlQQiGAGIq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d5055752aa41c78f866f9bff719a8cb_JaffaCakes118

Files

3d5055752aa41c78f866f9bff719a8cb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f8195d390c9f9faa376ea2ee28668377

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
GetTickCount
GetConsoleCP
GetModuleHandleA
GetAtomNameA
CompareFileTime
WaitForMultipleObjects
SuspendThread
GlobalUnlock
VirtualProtect
CloseHandle
WaitForSingleObject
LoadLibraryExA
GetSystemDefaultLangID
HeapReAlloc
SetConsoleCP
GetStdHandle
HeapCreate
lstrlenA
GetVersion
GetCommandLineA

user32

DrawCaption
IsDialogMessage
GetKeyState
CopyImage
InsertMenuA
FindWindowA
CreateIcon
DestroyMenu
DispatchMessageA
DragObject
SetWindowPos
InvertRect
GetDlgItem
SetScrollInfo
DialogBoxParamA
GetKeyboardLayout
EnableScrollBar
SetPropA
GetCursorInfo
FillRect
CreateMenu

advapi32

RegEnumValueA
RegQueryInfoKeyA
RegCloseKey
RegEnumKeyA
RegCreateKeyExA

apphelp

ApphelpCheckExe

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 780KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ