3ffc839a9dd6d09cd6ac2d83fe534b06_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ffc839a9dd6d09cd6ac2d83fe534b06_JaffaCakes118
Size

773KB
MD5

3ffc839a9dd6d09cd6ac2d83fe534b06
SHA1

43baa07b36a9fdd6c049cc5e3168d735d8f1514f
SHA256

dfb350a6936199c8ee6a3aa88b8ec49a3b072f8e61305d0329ac3679d2ff06c7
SHA512

9f554173994d0af29e91672dd3344261793f434bf65474c1a3423c52b4bb6bf1abcd763cf32f5689abf292291c5e84e1c61db93d3d95cbcf57ca843871a57cf3
SSDEEP

12288:k48HY/Ej4bEY4wgRhndztSWj+L+gFcP9SEIjEzJPJ370/3cYNdg8uKYP2B2NdE7D:38Hbcb6ZpSWYNUPtPJ37eNIhKYP6uI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ffc839a9dd6d09cd6ac2d83fe534b06_JaffaCakes118

Files

3ffc839a9dd6d09cd6ac2d83fe534b06_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ea2675daafbff88690cbcf5ce6ec823c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventA
FindResourceA
SetEvent
CloseHandle
GetCommandLineA
DeleteFileA
GetTickCount
GetStartupInfoA
HeapDestroy
ResumeThread
GetTimeFormatA
GetModuleFileNameW
GetModuleHandleA
Sleep
VirtualQueryEx
ReleaseMutex
lstrlenW
OpenMutexW
HeapCreate
CloseHandle

user32

DispatchMessageA
IsWindow
DrawTextW
GetSysColor
CallWindowProcW
DispatchMessageA
FindWindowA
DestroyMenu
GetWindowLongA
CreateIcon
GetClassInfoA
PeekMessageA
IsZoomed

ntlanman

NPOpenEnum
NPOpenEnum
NPOpenEnum
NPOpenEnum

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 763KB - Virtual size: 763KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ