0e07cf9d376dd719160393a149039d71_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0e07cf9d376dd719160393a149039d71_JaffaCakes118
Size

646KB
MD5

0e07cf9d376dd719160393a149039d71
SHA1

674ac6c7d3fe773e6bf647f6cb235a2326a7317b
SHA256

21174f9c2b42c9094eae9958a817199ba039953ee930072c23316cf85c2fbbd1
SHA512

dd6850080a8370de4d5cb25adc572825497025155f29e962a43e666945353d7be9a47d580646f817dfb4d50e85f8085d16b3f6dfda643d7a5ad8c55479cfd99a
SSDEEP

12288:MuQK9b86uaw1ZAgeQrHaM5LjU9Vt7ANoTe8XaYlIWZNIw1SO9y/qGfoZNS:Mib86dE+C15LjUTpOojXaKr11SO2mZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e07cf9d376dd719160393a149039d71_JaffaCakes118

Files

0e07cf9d376dd719160393a149039d71_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5e294402200ca5fbc1c22d68299ab6d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
GetACP
GetSystemTime
HeapCreate
GetCommandLineA
LockResource
lstrlenA
GetAtomNameA
InterlockedExchange
TlsGetValue
GlobalSize
GetModuleHandleA
ResumeThread
LoadLibraryExA
LocalLock
GetUserDefaultLCID
VirtualProtect
WaitForSingleObject
GetConsoleCP
SetLastError
PeekConsoleInputA

user32

GetParent
GetWindow
DrawTextA
ReleaseDC
wsprintfA
GetFocus
GetClassNameA
DragDetect
SetForegroundWindow
GetCursorPos
GetDC
CreateIcon
FillRect
GetTitleBarInfo
ShowWindow
BeginPaint
AnyPopup
EndPaint
FrameRect

ntshrui

DllGetClassObject
SetFolderPermissionsForSharing
GetNetResourceFromLocalPathA
GetLocalPathFromNetResourceA
DllCanUnloadNow

wshtcpip

WSHIoctl

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ