08d262ccd24a957ed1aebb701451f5ba_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

08d262ccd24a957ed1aebb701451f5ba_JaffaCakes118
Size

370KB
MD5

08d262ccd24a957ed1aebb701451f5ba
SHA1

5ee7f87f136d91a8f574926b6c2b5d2a0605e648
SHA256

ce9ca4b7b36b17b0b27e8a5e286fcc98aaff3465ca23ba2013fbfd0835091138
SHA512

b44ca66f0ada806e4fd3333e93e9a2a2deddf7bc7987680c791be0270edd59762f1c28001fd4979bf3812a6c798aa7f52cebb78bb28d59d2db0cc6c329f62075
SSDEEP

6144:6k9kmoMOXSyHyC3jRSaZjmi/KaeF/ae/X7FwHqYLAzB:bam8XVHjNSaZy0KaA/auX0h4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08d262ccd24a957ed1aebb701451f5ba_JaffaCakes118

Files

08d262ccd24a957ed1aebb701451f5ba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a31e35337b3278a03ced3783badaf0c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetExitCodeProcess
GetCurrentThreadId
HeapCreate
GlobalUnlock
CloseHandle
SetEnvironmentVariableA
GlobalFree
SetLastError
GetStdHandle
CreateMutexA
FindResourceA
GetModuleHandleA
CreateFileA
GetVersion
DeleteAtom
TlsGetValue
LoadLibraryExW
lstrlenW
ReleaseMutex
VirtualQuery

user32

DrawMenuBar
CreateMenu
IsWindow
FillRect
SetFocus
CreateWindowExA
CallWindowProcA
DispatchMessageA
GetIconInfo
GetDC
GetDlgItem
CheckRadioButton
DrawEdge

ntshrui

IsPathSharedW
GetNetResourceFromLocalPathA
IsPathSharedA
GetLocalPathFromNetResourceA
SetFolderPermissionsForSharing

msasn1

ASN1BERDecEoid

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 343KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ