3d5b4e8954cdf637774c1d37ac73207b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3d5b4e8954cdf637774c1d37ac73207b_JaffaCakes118
Size

331KB
MD5

3d5b4e8954cdf637774c1d37ac73207b
SHA1

0991a77238d896feddb6678ee8cde26961d2acd6
SHA256

19ab9435655fe25c3f1d2041283d86aa77ac78867a25abdfc44394f18185529c
SHA512

6161f7eeb70c779b0a62b31c421fcabfd77abdb9dd35057026ca8e6375b55c6413084c9a28a4e7a1e0032353be40323ca2637ac9311ecfa196d2d94084035858
SSDEEP

6144:ODz7fofibC7Usnr5urzBaeR8dMTnImQvA07YyjOQDvN1tK:OHE6kZ5urdaeBJCvzDV1tK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d5b4e8954cdf637774c1d37ac73207b_JaffaCakes118

Files

3d5b4e8954cdf637774c1d37ac73207b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

29985ee8797ba65a824fd61b74a11d16

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetVersion
InterlockedExchange
LoadLibraryA
lstrlenA
GetProfileIntA
GlobalUnlock
TlsFree
HeapReAlloc
GetModuleHandleA
HeapCreate
GetConsoleCP
WaitForSingleObject
CompareFileTime
GetTickCount
GetSystemDefaultLangID
GetStdHandle
WaitForMultipleObjects
TlsGetValue
VirtualProtect
AddAtomA

user32

FindWindowA
UpdateWindow
CreateCursor
CopyRect
SetWindowPos
ModifyMenuA
DispatchMessageA
DialogBoxParamA
GetWindowTextA
CreateCaret
EnableScrollBar
EqualRect
GetMenuStringA
GetKeyboardLayout
GetKeyState
PaintDesktop
InsertMenuA
ShowWindow
MessageBoxA
SubtractRect
PostMessageA
GetDlgItem
DestroyMenu
SetPropA
TranslateMessage

msi

MsiEnumProductsA
MsiEnumClientsA
MsiDoActionA
MsiGetMode
MsiCloseHandle

ws2_32

WSAAccept

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ