1ac290bcd46e6dd1df04f2aeab3d8330_JaffaCakes118 | Triage

Sharing

General

Target

1ac290bcd46e6dd1df04f2aeab3d8330_JaffaCakes118
Size

358KB
MD5

1ac290bcd46e6dd1df04f2aeab3d8330
SHA1

5704452c19bc5e9d86b8e34445ec748a361bebbe
SHA256

145d9097bd1c7539b6fbf5d8870f8b1258646c08bc8bb57953abdd278ec1256d
SHA512

b3bc8dc62cb61dbc315e8fe42c60b7ea8139ef0567f6c4246bd35583b8b519c9a3e965fb36b3fcaca05f9ef523e7ba6a2f2cd88fd8eb9e9b830d4ec93419a74b
SSDEEP

6144:W01Yk7BnS1reexa5IMl7elkTLPHOqwGzKYz5IeF61KAQkvgprf:L1bnSUexa5NjTDuqwGzK0IUpkvgp7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1ac290bcd46e6dd1df04f2aeab3d8330_JaffaCakes118

Files

1ac290bcd46e6dd1df04f2aeab3d8330_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9b4d31734d51c99dc97e133e31c5dc48

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
PeekConsoleInputA
InterlockedExchange
WaitForSingleObject
TlsGetValue
GetAtomNameA
GlobalSize
VirtualProtect
ResumeThread
SetLastError
GetSystemTime
LoadLibraryExA
WaitForSingleObject
GetUserDefaultLCID
GetConsoleCP
lstrlenA
LocalLock
GetCommandLineA
GetModuleHandleA
HeapCreate
GetACP

user32

EndPaint
ReleaseDC
GetDC
DrawTextA
GetCursorPos
SetForegroundWindow
GetClassNameA
AnyPopup
BeginPaint
FillRect
GetParent
GetTitleBarInfo
wsprintfA
GetWindow
ShowWindow
GetFocus
CreateIcon
FrameRect
DragDetect

ntshrui

GetLocalPathFromNetResourceA
SetFolderPermissionsForSharing
DllGetClassObject
GetNetResourceFromLocalPathA
DllCanUnloadNow

wshtcpip

WSHIoctl

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 556KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ