3edd3e77f0447c560ae517746a0100b3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3edd3e77f0447c560ae517746a0100b3_JaffaCakes118
Size

12.2MB
MD5

3edd3e77f0447c560ae517746a0100b3
SHA1

2f4fca84b727ea7e46070239c8c90ffe138f8c4a
SHA256

90e110ade13b8e85807631d052e2a66e75b073583be9d3f345622cc5d5a11caa
SHA512

a16debaef9d2d842545ea8ce6ed4caa318bcf1dcd85ade5558178e1604e50a8ffa68665e25766c7232b7136291474ae638eb6b22dd02214d24ef0b0e35fc402c
SSDEEP

196608:52EZAHWntVSGcvLW5nruVwlU0UnYUg0I5ZX3QOHWMrlPJj:52EZBV9cvLW5CV+UbY90IngOH7rNJj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3edd3e77f0447c560ae517746a0100b3_JaffaCakes118

Files

3edd3e77f0447c560ae517746a0100b3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

759c64956bb9d5966a0ea13df192bc06

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStringsW
LocalFree
MultiByteToWideChar
ReleaseMutex
GetFileSize
TerminateProcess
GetVersionExW
TlsFree
OutputDebugStringA
RaiseException
TlsAlloc
LocalAlloc
FreeLibrary
VirtualFree
GetACP
HeapFree
CreateFileA
InitializeCriticalSection
GlobalAlloc
HeapAlloc
GetModuleFileNameW
lstrcmpiW
lstrcatW
GetLocaleInfoW
GetLastError
CopyFileExA
GetSystemInfo
lstrlenA

user32

MoveWindow
GetClientRect
GetSystemMetrics
GetWindowTextW
SendDlgItemMessageW
GetWindowLongW
CharUpperW
GetWindow
DestroyIcon
GetMessageW
PostThreadMessageW
GetKeyState
SystemParametersInfoW

gdi32

CreateDIBitmap
GetTextAlign
TranslateCharsetInfo

advapi32

GetSidSubAuthority
CryptSetKeyParam
GetUserNameA
RegEnumKeyA
DeregisterEventSource
CloseServiceHandle

Sections

.text
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 200KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ