f38e9f0f3b034d250dff8e995c43a9f7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f38e9f0f3b034d250dff8e995c43a9f7_JaffaCakes118
Size

452KB
MD5

f38e9f0f3b034d250dff8e995c43a9f7
SHA1

4420c1f322d2e770f8f7210aa283673484c4dcbf
SHA256

22af1c4a10f06419fcb264611ba35c81fe602e11bf2aefa455a6d5b7d86fc199
SHA512

2dbc8119e69d2e722a9f1f16dc20e42d70f07cdbffeb215fff829ba9dc661d60d8d40828b850c1c7cccc2e98dc1ca1ac1e17e8f510a7d08b3cf4840b9e3b5a3a
SSDEEP

12288:Y64ZD4b55K7gvvr4sE7l3XWEZLorcjks/3fl5JF67cOn7qp:Yc5w3zZ8rcksPf67cuq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f38e9f0f3b034d250dff8e995c43a9f7_JaffaCakes118

Files

f38e9f0f3b034d250dff8e995c43a9f7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cd864002e4a17300ace8fe7888481007

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
WaitForSingleObject
GetFileAttributesA
HeapFree
SuspendThread
IsBadReadPtr
Sleep
LocalSize
ExitProcess
MapViewOfFile
GetModuleHandleA
HeapCreate
GetCommandLineW
GetCurrentDirectoryW
GlobalLock
SetLastError
GetCommandLineA
GetFileTime
GetFileType
SetFileAttributesW
ReadFile
GetEnvironmentVariableW
CloseHandle
GetDriveTypeA
SetLastError

uxtheme

GetThemeTextExtent
GetThemeBool
GetThemeTextMetrics
SetWindowTheme
OpenThemeData
DrawThemeBackground
GetThemeEnumValue
CloseThemeData
GetWindowTheme
DrawThemeEdge
CloseThemeData
GetThemeColor
IsThemeActive

deskmon

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 604KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 445KB - Virtual size: 445KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE