3fd5e604e42e65b8089e089c37c87f4c_JaffaCakes118 | Triage

Sharing

General

Target

3fd5e604e42e65b8089e089c37c87f4c_JaffaCakes118
Size

146KB
MD5

3fd5e604e42e65b8089e089c37c87f4c
SHA1

e6aaa9726b2a5719e6e2b542f2166b34a3841639
SHA256

60bcc321fc1aeb3374361f171f88eb6b91f67c9d0312a3524059dd0bc1a1b997
SHA512

cf72c203648b7893b95805df73448d5666b6c24decf85a5b5d67853214a911feb0ebc22484d871d8f8c600e9834d79cd02eb41a89ea31c203c6cba8a08b54387
SSDEEP

3072:upvGXl4MH5zaQ2C8Zd5vu0pTrMVZZDixyDEU:uehJaQ2/X1u0p8VZNipU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fd5e604e42e65b8089e089c37c87f4c_JaffaCakes118

Files

3fd5e604e42e65b8089e089c37c87f4c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

42c004f2d51ac2e59edb64df87da4454

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalLock
HeapCreate
GetACP
GetSystemTime
GetVersion
SetLastError
GetUserDefaultLangID
GetConsoleCP
GlobalSize
LoadLibraryExA
lstrlenA
GetAtomNameA
WaitForSingleObject
WaitForSingleObject
GetModuleHandleA
HeapReAlloc
ResumeThread
InterlockedExchange
GetCommandLineA
GetConsoleDisplayMode
VirtualProtect

user32

ReleaseDC
SetForegroundWindow
wsprintfA
FrameRect
GetCursorPos
DrawTextA
DragDetect
CreateIcon
GetClassNameA
AnyPopup
GetParent
GetWindow
GetTitleBarInfo
FillRect
BeginPaint
ShowWindow
GetFocus
GetDC
EndPaint

ntshrui

GetLocalPathFromNetResourceA
DllGetClassObject
GetNetResourceFromLocalPathA
SetFolderPermissionsForSharing
DllCanUnloadNow

msacm32

acmFilterEnumA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 632KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ