3ebf3ad36d6b14d38d54c81bf3e51cb2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ebf3ad36d6b14d38d54c81bf3e51cb2_JaffaCakes118
Size

126KB
MD5

3ebf3ad36d6b14d38d54c81bf3e51cb2
SHA1

5acec0c1b9a0ed27b944324aae59205daf08c7eb
SHA256

7daee68c3d4f9dc9c923e509b7c3dd25f8a7fb9e5b4254bb390edcd23f57c98a
SHA512

d1eb52def9140c9221158341e666343a2d40256e2bcbec408860f214312d7de35a3b687295a16755333c4e3bd82b93566336efaa66edf1d39014c3e8cb48fdb8
SSDEEP

3072:5ejlsAWv9bXFk8Qzmx9v0sa94DK6gYe974wgCNgXdPVqZ:5eRRWv9Vk8Qzm/sBlKNP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ebf3ad36d6b14d38d54c81bf3e51cb2_JaffaCakes118

Files

3ebf3ad36d6b14d38d54c81bf3e51cb2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e425d776ce69b8b3addeb4585a95f50f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetCurrentThreadId
HeapFree
IsBadHugeReadPtr
LoadResource
VirtualAlloc
LoadLibraryA
InitializeCriticalSection

shlwapi

SHStrDupA
PathFileExistsA
SHQueryInfoKeyA
PathIsDirectoryA

gdi32

GetCurrentPositionEx
GetDIBColorTable
GetBitmapBits
GetDCOrgEx

comdlg32

FindTextA

user32

LoadIconA
GetSysColor
GetMenu
GetSubMenu
CreatePopupMenu
IsWindow
GetSysColorBrush
GetScrollRange

Exports

Exports

_X2pUtE@8
_7jVhO
_hOmZX@20
_vLkiYMX@20

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ