096bd6ce386d9019d471570bd0dd277d_JaffaCakes118 | Triage

Sharing

General

Target

096bd6ce386d9019d471570bd0dd277d_JaffaCakes118
Size

636KB
MD5

096bd6ce386d9019d471570bd0dd277d
SHA1

ce5c33fff39bfd7545518009c6b40d028ae64fbb
SHA256

41315f80f69da7dc63cc226f3a9dbcbc6e16ace0286549c8f10cb4c2901ee609
SHA512

dd37d5b24fe50e7332047fa89714e14dc431c7cc51e569daddb897ec08cbe50f0cebb89f6901f705f860853ce8bb93d1062279d56b167f3ba9c5e8b34855adbf
SSDEEP

12288:RmFhr395JN/RHya7lDSyQIOBA5AmyG3sOOmUzCoS1vsIfjm:RIhfb/RSaxD5/OBA5AmyQsOtUmHlfj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
096bd6ce386d9019d471570bd0dd277d_JaffaCakes118

Files

096bd6ce386d9019d471570bd0dd277d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

37fee1ba19a1c2ec0d6cb4e7936aeaa6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLangID
GetAtomNameA
SetLastError
VirtualProtect
GetModuleHandleA
lstrlenA
GetConsoleCP
InterlockedExchange
HeapReAlloc
ResumeThread
LocalLock
GetACP
WaitForSingleObject
GetVersion
GetSystemTime
LoadLibraryExA
WaitForSingleObject
HeapCreate
GetConsoleDisplayMode
GlobalSize
GetCommandLineA

user32

GetClassNameA
ShowWindow
GetDC
GetFocus
wsprintfA
GetParent
FrameRect
CreateIcon
ReleaseDC
GetTitleBarInfo
SetForegroundWindow
AnyPopup
EndPaint
BeginPaint
DrawTextA
GetWindow
GetCursorPos
DragDetect
FillRect

ntshrui

SetFolderPermissionsForSharing
GetLocalPathFromNetResourceA
DllGetClassObject
GetNetResourceFromLocalPathA
DllCanUnloadNow

msacm32

acmFilterEnumA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ