f1db0006584455cb9d7b76c0133aa51b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f1db0006584455cb9d7b76c0133aa51b_JaffaCakes118
Size

372KB
MD5

f1db0006584455cb9d7b76c0133aa51b
SHA1

7128ec22493708f333ec7575ee938374fe5636d4
SHA256

18f7ccd1bd5856d96194cdd63cd885f0bba3af22e2bdeacdcc637d1ff9241a09
SHA512

b34b38a9f7daccce46ff53367089d3dc0bda8d9df203e7501b0a849dc1d9eb92a68972c46811a69310f6cd926285ac034fe1b8d5dabf48e7c7a026d7d388b15b
SSDEEP

6144:NH3jvjVcVAC2FXgEr8fE0ASg3/YQvRNMVlJi41fv4Dw:1TvjVkCrSvoZNyl5fwD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f1db0006584455cb9d7b76c0133aa51b_JaffaCakes118

Files

f1db0006584455cb9d7b76c0133aa51b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

185cc82486a4beb040fb2c922d618df4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindVolumeClose
lstrlenA
GetModuleHandleW
CreateFileW
VirtualAlloc
CloseHandle
ReleaseMutex
GlobalFree
ReadFile
SetEvent
GetTickCount
GetExitCodeProcess
LocalFree
GetDriveTypeA
GetPrivateProfileIntW
GetComputerNameW
ExitThread
GetLocalTime
FreeConsole
GlobalSize

user32

CallWindowProcA
DispatchMessageA
SetFocus
GetMenu
GetClientRect
GetCursorInfo
GetDlgItem
EndDialog
GetClassInfoA
CreateWindowExA
DrawStateW
GetSysColor
GetKeyState

clbcatq

ComPlusMigrate
DllGetClassObject
ComPlusMigrate
ComPlusMigrate
ComPlusMigrate

ntshrui

IsPathSharedA

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 363KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ