16b4a9299e35f1489799225ce58c557a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

16b4a9299e35f1489799225ce58c557a_JaffaCakes118
Size

636KB
MD5

16b4a9299e35f1489799225ce58c557a
SHA1

9b8f20a139c20ddf89778c63e19d656b13b4c9d7
SHA256

426a35611e0712b9a1f0e7c0e8d40d4a816564e84eb48e9af40dfc008632622b
SHA512

201f3f4ada6c409aab876fd0834a491264421fd88b099e34b21cd0fd7824fa927b97e8dfa747ddd2427bae798ada349ff3801a6dbefe4ffca766f2f13ad850c3
SSDEEP

12288:FmFhr395JN/RHya7lDSyQIOBA5AmyG3sOOmUzCoS1vsIfjm:FIhfb/RSaxD5/OBA5AmyQsOtUmHlfj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16b4a9299e35f1489799225ce58c557a_JaffaCakes118

Files

16b4a9299e35f1489799225ce58c557a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6cf2f60e877e061b1ae2ba5139104d12

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResumeThread
lstrlenA
GetConsoleCP
VirtualProtect
LoadLibraryExA
InterlockedExchange
GetUserDefaultLangID
WaitForSingleObject
GetVersion
GetModuleHandleA
LocalLock
SetLastError
GetConsoleDisplayMode
HeapReAlloc
GetCommandLineA
GetSystemTime
GlobalSize
GetAtomNameA
HeapCreate
WaitForSingleObject
GetACP

user32

GetWindow
GetTitleBarInfo
GetDC
ReleaseDC
SetForegroundWindow
BeginPaint
CreateIcon
GetFocus
AnyPopup
FrameRect
GetCursorPos
ShowWindow
DragDetect
FillRect
EndPaint
GetClassNameA
wsprintfA
DrawTextA
GetParent

ntshrui

GetLocalPathFromNetResourceA
DllGetClassObject
GetNetResourceFromLocalPathA
SetFolderPermissionsForSharing
DllCanUnloadNow

msacm32

acmFilterEnumA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ