3ff0e67ebd7654687047ca28602504ca_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ff0e67ebd7654687047ca28602504ca_JaffaCakes118
Size

637KB
MD5

3ff0e67ebd7654687047ca28602504ca
SHA1

ad942729dc6383fbb09a02645a8b687371608b60
SHA256

0e9c53ff1caf4af0bd64c4c387fa00e6b92d4643b22d875d3a9d5655f1255bc5
SHA512

e3156673a28796e90df08432806abff76b0bf537510c65beb793183be52583551f02d23c8f0e830068d4336b2fb79c3d96f77c9b8b041f89e5886cbcc7adf274
SSDEEP

12288:QzKTBwOoP9oO6ZQTjwbkJPyXpJmuIwFPzk605Aky+oklRfg1JOpA0zvZ3o:MoGPyRQXkkJaXrmu05Ak6MRoXyhB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ff0e67ebd7654687047ca28602504ca_JaffaCakes118

Files

3ff0e67ebd7654687047ca28602504ca_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1ea9a30d13e5eac3a41121dd2eaf9c52

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
HeapReAlloc
lstrlenA
TlsGetValue
GetTickCount
GlobalUnlock
VirtualProtect
TlsFree
GetStdHandle
GetModuleHandleA
FindAtomA
LoadLibraryA
GetConsoleCP
GetACP
CloseHandle
HeapWalk
GetProfileIntA
GetVersion
CompareFileTime
InterlockedExchange
GetAtomNameA

user32

PostQuitMessage
SubtractRect
ShowWindow
GetDlgItem
ModifyMenuA
InflateRect
InsertMenuA
SetPropA
PaintDesktop
EnableScrollBar
UpdateWindow
CopyRect
MessageBoxA
GetMenu
CreateCaret
DispatchMessageA
SetWindowPos
GetWindowTextA
EqualRect
GetMenuStringA
LoadIconA
GetKeyboardLayout
TranslateMessage
DestroyMenu
PostMessageA
GetScrollRange
DialogBoxParamA
GetSubMenu

msi

MsiCloseHandle
MsiDoActionA
MsiGetMode
MsiEnumClientsA
MsiEnumProductsA

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ