16712f26b01403e062031b4120b40efd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

16712f26b01403e062031b4120b40efd_JaffaCakes118
Size

739KB
MD5

16712f26b01403e062031b4120b40efd
SHA1

42e866f657cf64744c5d99817d9e2232e6da018b
SHA256

93c7bd5b2b79872be56e73ddd644dfa7d93a3f8f5930c89699a9c664b431851c
SHA512

583e7d6991b6b7e8c045b8f53ef3b7bb231f89954c204baedaff6363e32d8457ac42b65d15eda244d492d70f15039ff9320a29d4cf13d03f1284424a7d299d1a
SSDEEP

12288:m/RMIBsIuw/sLsGnihAGJzQKW2ujjSVmKeU+33MzGGZ0BabyS2P/yR:sRMasVw0YGihLJzlVPeUy30IBaGS2P/+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16712f26b01403e062031b4120b40efd_JaffaCakes118

Files

16712f26b01403e062031b4120b40efd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

da43c8a1500e057e91f6d8285295af25

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
TlsGetValue
LocalFree
lstrlenW
LocalFlags
EnumCalendarInfoA
GetConsoleAliasA
FindAtomA
GetDriveTypeW
GetPrivateProfileStringA
GetNumberFormatA
FindClose
ReadFile
ResumeThread
GetCurrentThreadId
SetLastError
HeapCreate
EnterCriticalSection
GetModuleHandleA
CreateEventW

user32

CallWindowProcW
GetKeyState
GetKeyboardType
DispatchMessageA
GetClassInfoA
GetCursorInfo
DispatchMessageA
GetClientRect
GetMenuInfo
DrawTextA
IsWindow
SetFocus
GetSysColor

stclient

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

ntshrui

IsPathSharedA

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 729KB - Virtual size: 729KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ