Static task
static1
Behavioral task
behavioral1
Sample
3ddfce649d9216a80884bbb74813eb5f_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
3ddfce649d9216a80884bbb74813eb5f_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target: 3ddfce649d9216a80884bbb74813eb5f_JaffaCakes118
Size: 724KB
MD5: 3ddfce649d9216a80884bbb74813eb5f
SHA1: 16bee821fd9bd402f66a8d475a9684fca31ea754
SHA256: a70d3a168878fbe10cd15af5ea32a3c8fedd7b16cfa0374ce05dfbc22b393507
SHA512: 120f49c336b1a50c65380ff838242fa6ab6f2576ba9dda798def791d12571eb5009bc77b10f9a0a574e8eb66b7aa6096df2a4d1005b9a1e80132a0be36ab0bc2
SSDEEP: 12288:XFulGny4rR26afLG0Fe028W4waITqSFFFFXch0r52s0ds0/rCZFqoW2wcWillGyY:XsUHR2tLFS8/RufFFFFXcu4dlrCWoXJ8
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3ddfce649d9216a80884bbb74813eb5f_JaffaCakes118
Files
3ddfce649d9216a80884bbb74813eb5f_JaffaCakes118.exe windows:4 windows x86 arch:x86
f50ee1814ba7a037bb7f302467addaf4
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetSystemDefaultLangID
FindResourceExW
FindResourceW
GetLocaleInfoW
LoadResource
LockResource
GetStartupInfoA
RtlUnwind
SetUnhandledExceptionFilter
ExitProcess
CreateThread
HeapCreate
GetStdHandle
GetOEMCP
msvcrt
__wgetmainargs
_initterm
memset
acos
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
__dllonexit
_onexit
_wcmdln
memcpy
msimg32
TransparentBlt
Sections
.text Size: 174KB - Virtual size: 174KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 776B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 72KB - Virtual size: 71KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ