3deb71e3a92dc4e3e4142e1e93b9b317_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3deb71e3a92dc4e3e4142e1e93b9b317_JaffaCakes118
Size

636KB
MD5

3deb71e3a92dc4e3e4142e1e93b9b317
SHA1

b3d44889741fb5edf284307baaada5535ffeb84e
SHA256

45e43c9035c6b71527edebec759ced7d2685b07a87970425fea0cc429e9d93ae
SHA512

bc050db0f8f54cdc091121acc5a812fe44f8722a5d9f069e9fd501b7a1fe4a3d2ed5f159ea16a9973aee2faefeac1b748638d876353144db0ef0bafeef442e06
SSDEEP

12288:psTw+5XCHW0Mq+X3cD39AiH8XZKB662cGfoIRBjnDERAfekGeZtvj:aF5XCHbz+X3Y3OiuZK8w9Q67kJLv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3deb71e3a92dc4e3e4142e1e93b9b317_JaffaCakes118

Files

3deb71e3a92dc4e3e4142e1e93b9b317_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9e65a32516a8a414a18059e001bf7341

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
SuspendThread
GetVersion
HeapCreate
LoadLibraryExA
HeapReAlloc
CompareFileTime
GlobalUnlock
GetAtomNameA
GetCommandLineA
GetModuleHandleA
GetStdHandle
GetConsoleCP
SetConsoleCP
GetTickCount
InterlockedExchange
CloseHandle
WaitForSingleObject
GetSystemDefaultLangID
WaitForMultipleObjects
VirtualProtect

user32

SetScrollInfo
DispatchMessageA
IsDialogMessage
CreateIcon
EnableScrollBar
InvertRect
CreateMenu
DrawCaption
DragObject
GetDlgItem
InsertMenuA
CopyImage
SetWindowPos
GetCursorInfo
DialogBoxParamA
GetKeyboardLayout
SetPropA
GetKeyState
FillRect
DestroyMenu
FindWindowA

advapi32

RegQueryInfoKeyA
RegEnumKeyA
RegCreateKeyExA
RegCloseKey
RegEnumValueA

uxtheme

GetThemeColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ