053347e86c01236db2f15e02bc71d5a1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

053347e86c01236db2f15e02bc71d5a1_JaffaCakes118
Size

189KB
MD5

053347e86c01236db2f15e02bc71d5a1
SHA1

30d3098d0980290ff48a8e8c4f791040098f8a00
SHA256

5e1b16e26649c801dc81fc53babeb3e3aeebdf2ce4c5006e2ae59a8f96179ef1
SHA512

750f80ef7f146f24ce7a3a51384b52d7c99742acbaeb665032ac2d57061e0ec753e6a3463128bde92679841c267d116920736be1e7842bf8e08acdb551839118
SSDEEP

768:YH1Ln2y8f+Rd4BDMVAaAF8tXID8wx8z+xSSJqM+fHfB68c8giIUq0YM7X:2QNhFSYfsUnof/s8X3q0d7X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
053347e86c01236db2f15e02bc71d5a1_JaffaCakes118

Files

053347e86c01236db2f15e02bc71d5a1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

20bad4771c58b3913d39711009a80204

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SearchPathA
CreateThread
AddAtomA
DeleteCriticalSection
GetConsoleFontSize
CloseHandle
TlsGetValue
HeapDestroy
VirtualProtect
FindVolumeClose
FindResourceExA
GetDiskFreeSpaceA
ExitProcess
lstrlenA
Sleep
SetEvent
ReleaseMutex
GetLastError
GetTickCount
GetModuleHandleA

user32

CopyImage
EnableWindow
CreateMenu
DragDetect
CopyIcon
EndDialog
CloseWindow
DialogBoxParamA
GetScrollBarInfo
IsIconic
GetMessageA
GetKeyState
DispatchMessageA
CreateWindowExA

hlink

HlinkResolveShortcut
HlinkClone
HlinkNavigate
HlinkIsShortcut
HlinkTranslateURL

shell32

DragQueryFileA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE