Static task: static1
Behavioral task: behavioral1
Sample: 3e94eae782df5aea7ba9c3d384a93d4a_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: 3e94eae782df5aea7ba9c3d384a93d4a_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 3e94eae782df5aea7ba9c3d384a93d4a_JaffaCakes118
Size: 259KB
MD5: 3e94eae782df5aea7ba9c3d384a93d4a
SHA1: 18acfd5753f7369c8f742fcb89f32e3774baf5b3
SHA256: 7f90d1021f516f0933473458eff398560638b5ce2a5471110de1c5eadf931456
SHA512: e21b5b9b8c51573c3eefd90920d7b3fd98283334c4231febb9a5ca2e07b8f0bb8f79df8dd15dc73811f3c6a4ed564f264797f6712fc6f1dbe30b3b9aeccc582c
SSDEEP: 3072:jtoetLDSYoPmxmbwNLDdC3VE8i1CbhrEQJOLV9O8+ROLBWMhSfvGu8B3YPI36/:jtVvSYoqsGE3JOF+ROLBgQ3Y
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3e94eae782df5aea7ba9c3d384a93d4a_JaffaCakes118
Files
3e94eae782df5aea7ba9c3d384a93d4a_JaffaCakes118.exe windows:4 windows x86 arch:x86
d5dfe885681c3ee5556cf186d8bb6d82
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
InitCommonControls
kernel32
GetTickCount
GetProcessHeap
GetModuleHandleW
DeleteFileW
lstrlenW
DeleteFileA
VirtualAlloc
SetCurrentDirectoryA
SetLastError
GetCurrentThread
GetLastError
GetCommandLineW
lstrcmpA
GetCommandLineA
GetOEMCP
MulDiv
IsDebuggerPresent
RemoveDirectoryA
GetVersion
GetACP
lstrcmpiW
lstrlenA
GetModuleHandleA
user32
GetDesktopWindow
GetMessagePos
GetInputState
CharNextA
gdi32
GetDCOrgEx
RestoreDC
BeginPath
GetDIBColorTable
LineTo
EndPath
SetTextColor
MoveToEx
SetColorSpace
ExcludeClipRect
SetMapMode
SetBkMode
GetPixel
EndDoc
Sections
.text Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 175KB - Virtual size: 174KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 79KB - Virtual size: 78KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ