3f09bd48a659c473f2ca82645648a388_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3f09bd48a659c473f2ca82645648a388_JaffaCakes118
Size

773KB
MD5

3f09bd48a659c473f2ca82645648a388
SHA1

b1db3e0a9a238a057114c7fab2e3406c3643673f
SHA256

dbb3917a22ae20650a77dff3b9b46feee2a55c307ac154eab285842e36239de1
SHA512

3d765e881788f2a3768e4e0f3d6b086ee7bdb362a6ef54d6ae77a9f36627f3c7d9714d4a808949ad23544aef1629b337c825a7b0b3fde08a3fc460a1c8a55643
SSDEEP

24576:Srqo6tVFQvnsecnkBzXSh/d2WT0Wwyu6HHH:Sr16t/Tvk2d177HH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f09bd48a659c473f2ca82645648a388_JaffaCakes118

Files

3f09bd48a659c473f2ca82645648a388_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cc936ba70914de4a15138cc0e822a1b4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
OpenMutexW
CloseHandle
DeleteFileW
HeapCreate
GetModuleFileNameW
CloseHandle
GetStartupInfoA
GetTimeFormatA
GetModuleHandleA
GetCommandLineA
lstrlenW
FindResourceA
GetCommandLineA
Sleep
CreateEventA
ResetEvent
ResumeThread
VirtualQueryEx
HeapDestroy

user32

IsWindow
GetWindowLongA
DispatchMessageA
PeekMessageA
DrawTextW
IsZoomed
DestroyMenu
CreateIcon
FindWindowA
DispatchMessageA
CallWindowProcW
GetClassInfoA
GetSysColor

ntlanman

NPOpenEnum
NPOpenEnum
NPOpenEnum
NPOpenEnum

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 763KB - Virtual size: 763KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ