75313fae39421db052945ab6bd394338_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

75313fae39421db052945ab6bd394338_JaffaCakes118
Size

73KB
MD5

75313fae39421db052945ab6bd394338
SHA1

956adad42b15194ec7c62d06517fc0e683f5090f
SHA256

4e178bcf5667590fe5f513442c01f11387141ca430a966f108e795e5073d6a41
SHA512

c9646829c85acfbf20cc86ceead91726e8e402ea142ec34d740503cd517909f3c0637b8d0026f95f38bec365f4132e87d2110b982ad3d1d7c280a3fd595c9df9
SSDEEP

1536:a3/o70VrFHcv1quR2CcqfGrsfD7wwa5nUpR:avoIF01yZrwns5+R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75313fae39421db052945ab6bd394338_JaffaCakes118

Files

75313fae39421db052945ab6bd394338_JaffaCakes118
.exe windows:5 windows x86 arch:x86

45cb1f994c2ae8de6eb0fbd529527975

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

OpenMutexW
GetCurrentProcess
VirtualProtectEx
GetDriveTypeA
HeapFree
lstrlenA
CreateEventW
GetPrivateProfileIntW
SetLastError
DeviceIoControl
GetFileAttributesA
GetPrivateProfileSectionA
GetProcessHeap
HeapDestroy
DeleteFileA
ResumeThread
ClearCommBreak
GetStringTypeA
DeviceIoControl
TlsGetValue
LoadLibraryW

uxtheme

GetWindowTheme
CloseThemeData
GetThemeBool
SetWindowTheme
IsThemeActive
GetThemeColor
DrawThemeBackground
GetThemeSysSize
DrawThemeEdge
GetThemeTextMetrics
OpenThemeData
GetThemeTextExtent
CloseThemeData

odbctrac

TraceSQLAllocEnv
TraceSQLBindCol
TraceSQLAllocConnect
TraceSQLAllocStmt

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ