3fd936afa7014f30287e4c6cefb5bc66_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3fd936afa7014f30287e4c6cefb5bc66_JaffaCakes118
Size

269KB
MD5

3fd936afa7014f30287e4c6cefb5bc66
SHA1

bb88a621f4e56fdbefb60c2d4885199bc6702fbc
SHA256

7cd81d229f90a8463fd7bcf36d49ff3acdf090f2d4e15a36ea39025655dabfcc
SHA512

2f6560fe80220689167b9b2ac58cdae698642887ddec69a49af8f1379bb1c6ffbe2e535ef50885fb8564edf61a29b5d7c0d221fb484b1ad57f01036c02a16c0b
SSDEEP

6144:CglyQYzM53d9sviAlqW2FGuAD8XZdV4o9kUW9AFtyO1JEAZpIVY6PEFz1dUN:CglyQ7VTAFuA4RW9AFtyO1JEAZpIVY6t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fd936afa7014f30287e4c6cefb5bc66_JaffaCakes118

Files

3fd936afa7014f30287e4c6cefb5bc66_JaffaCakes118
.exe windows:4 windows x86 arch:x86

858dd33b155343847803c4fe018a793b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
GetVolumeInformationA
ReadFile
lstrcatA
FindFirstFileA
GetLastError
SetLastError
GetProcAddress
GetTempFileNameA
FindClose
LoadLibraryA
FindNextFileA
lstrcpynA
CloseHandle
GetTempPathA
DeleteFileA
HeapReAlloc
HeapAlloc
HeapFree
GetProcessHeap
ExitProcess
GetModuleHandleW
Sleep
ResumeThread
lstrcmpA
CreateFileA
GetComputerNameA
GetModuleHandleA
lstrlenA

user32

wsprintfA

advapi32

GetUserNameA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ