0108e66f590a8bb1d70208a2d2347e57_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0108e66f590a8bb1d70208a2d2347e57_JaffaCakes118
Size

775KB
MD5

0108e66f590a8bb1d70208a2d2347e57
SHA1

4c8028994cff0afe1caa3cbd135d719f11f41efd
SHA256

8d9ef8d200ddd2e5814c262d4c695e325c3949e799dd428210dbcdd1e2e9f898
SHA512

eaa6e90ad15e0e94b6b328cbcee64d4d816e1ec958e3f8249984b572c424ad2795f3ce787e8a0431fdd991d1d50181673b72a642ed1c11c82ada6dfa6677f433
SSDEEP

24576:+DncSZfe2kAQ3/F8hlDPg5LDzldh3WXfjokLC:tS9pkTChRPg5HzvJWPjokO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0108e66f590a8bb1d70208a2d2347e57_JaffaCakes118

Files

0108e66f590a8bb1d70208a2d2347e57_JaffaCakes118
.exe windows:4 windows x86 arch:x86

62c9b822d0025d9cf9ce6fb1dd2523a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
SetLastError
GetModuleHandleA
TlsGetValue
CloseHandle
GetExitCodeProcess
ReleaseMutex
GlobalUnlock
FindResourceA
SetEnvironmentVariableA
lstrlenW
GetProcessHeap
HeapCreate
GetStdHandle
VirtualQuery
LoadLibraryExW
CreateFileA
DeleteAtom
GetCurrentThreadId
CreateMutexA

user32

CallWindowProcA
FillRect
CreateMenu
DispatchMessageA
GetIconInfo
GetDC
DrawMenuBar
IsWindow
GetDlgItem
SetFocus
DrawEdge
CheckRadioButton
CreateWindowExA

ntshrui

SetFolderPermissionsForSharing
GetNetResourceFromLocalPathA
IsPathSharedA
IsPathSharedW
GetLocalPathFromNetResourceA

msasn1

ASN1BERDecEoid

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 765KB - Virtual size: 768KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE