3fb118e855d2de394fce5659b98a59f5_JaffaCakes118 | Triage

Sharing

General

Target

3fb118e855d2de394fce5659b98a59f5_JaffaCakes118
Size

17KB
MD5

3fb118e855d2de394fce5659b98a59f5
SHA1

0799571fcae0db8e678eaeb75f66face66cf1b53
SHA256

0e59409eaad04ee868e060e9217e80644aabcfb21598b6073d30d59f7335556a
SHA512

3fcf07fbc213ad1e31a245585843c42c40d0a9e16578b219b9003440cbc62344a7e818be4cd213d6a042ddef563994521f8b59f5c924f79d2d5caeaa800850f0
SSDEEP

192:y10Dn9WNGYTLiZT5kQLpqP6vA/QnQqWfchcvhiaal8u0LURFmaXcfd:y10LkHxQLoMQqsscvhCl8gaBd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fb118e855d2de394fce5659b98a59f5_JaffaCakes118

Files

3fb118e855d2de394fce5659b98a59f5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cd084d3069aa84d23c025d5c883ec06e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
IsDBCSLeadByte
GetLogicalDrives
GetCurrentProcess
TlsGetValue
lstrcatA
GetModuleHandleW
TlsAlloc
VirtualAlloc
GetSystemDefaultLangID
GetCommandLineA
GetDriveTypeW
TlsSetValue
TlsFree
FreeLibrary
GetCurrentThreadId
GetACP
GetModuleFileNameA
GetSystemDefaultLCID
GetCurrentThread
lstrcmpA

user32

IsIconic
GetDC
CreateWindowExA
GetForegroundWindow
IsWindowVisible
ShowWindow
GetClassLongA
RegisterClassA
BeginPaint
ReleaseDC
GetWindowLongA
UpdateWindow
GetWindowDC
GetFocus
GetWindow
GetSystemMetrics
GetWindowTextLengthA
GetActiveWindow
GetWindowTextA

advapi32

RegSetValueA
RegCreateKeyA
RegCloseKey
RegQueryValueA
RegDeleteKeyA
RegOpenKeyA

msctf

TF_GetThreadFlags
DllRegisterServer
DllGetClassObject
DllCanUnloadNow

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ