3e1cb21a1a64e5eef628bcd5720b02bc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3e1cb21a1a64e5eef628bcd5720b02bc_JaffaCakes118
Size

100KB
MD5

3e1cb21a1a64e5eef628bcd5720b02bc
SHA1

301dcb73bc0654e6b36c0130ad3d9ac31d3cbd4a
SHA256

19a9d4d24768a1a85c9f608bdb07d63ba8730b612a7aaf756fa593e51c9cdc52
SHA512

2c7d7965aa816577b173c9d0a2635d04d4084b12ef0a5569b30b33c831ab63145aa1836b24d0c282ba20f4cb123b8efcf20e4e4ad7b9b61db6cebd4daa5c3daf
SSDEEP

3072:2iWUbnQlcbz/3GD/4yctNynZ3vIysZb21Qmk4ro:2fwi4htNuZ3vIyKK10

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e1cb21a1a64e5eef628bcd5720b02bc_JaffaCakes118

Files

3e1cb21a1a64e5eef628bcd5720b02bc_JaffaCakes118
.exe windows:1 windows x86 arch:x86

6c4165149c7e0a6e4c1ba1aa1b5b8bb7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddAtomA
lstrcpynA
CreateNamedPipeW
ConnectNamedPipe
GetLocalTime
GetCurrentProcess
GetProcAddress
HeapCreate
GetStartupInfoA
ExpandEnvironmentStringsW
lstrcmpA
GetModuleHandleW
lstrcpy
CompareStringA
GetCurrentDirectoryW
InitializeCriticalSection
TlsAlloc
lstrcmpiA
lstrcatW
GetLocaleInfoW

user32

LoadMenuW
LockWindowUpdate
ClientToScreen
SetTimer
GetFocus
InsertMenuA
CreateDialogIndirectParamW
InvalidateRect
GetForegroundWindow
UnregisterClassW
IsWindowEnabled
GetWindowRect

gdi32

GetTextColor
DeleteDC
GetBitmapBits
CreateDCA
StretchDIBits

advapi32

RegCreateKeyW
RegEnumValueW

comdlg32

GetOpenFileNameA
PrintDlgW

shell32

StrCmpNA

ole32

StringFromCLSID

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
VerInstallFileW

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ