1bce27bfba827ba0a4cd0193a1cdf66d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1bce27bfba827ba0a4cd0193a1cdf66d_JaffaCakes118
Size

637KB
MD5

1bce27bfba827ba0a4cd0193a1cdf66d
SHA1

ca41aa5fecfd254633c7cef3ebf1c9eb33eff9e8
SHA256

16d4c67ff582630349c4eafc55b5940c60e63186ba71c6726776a1a6cd4ba46d
SHA512

0f765e46ecc5dc636dfc617a682e280725e03df14529c9d845fe0f24e96bd238d27fd5dddfafc4fa68edd24a8027e6e1fb6e445b33378d65e463e36cbc65abaa
SSDEEP

12288:EIDi8qTUQ9r0wR2M2cx/QdsKmXvrgvzb17nRDoJ:EIH0UQdx2Fcy+K0jwNLRD+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1bce27bfba827ba0a4cd0193a1cdf66d_JaffaCakes118

Files

1bce27bfba827ba0a4cd0193a1cdf66d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

94abf1c30ade384fe7a9003a08c2471f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeFormatA
GetCurrentProcessId
HeapDestroy
LoadLibraryA
GetACP
GetModuleHandleA
ResumeThread
InterlockedExchange
GetUserDefaultLCID
GetTapeStatus
GetCommandLineA
FreeConsole
GlobalMemoryStatus
HeapCreate
WaitForSingleObject
IsDebuggerPresent
GetOEMCP
VirtualProtect
GlobalSize
GetSystemTime
PeekConsoleInputA

user32

GetParent
AnyPopup
FrameRect
SetForegroundWindow
EndPaint
GetFocus
GetClassNameA
GetCursorPos
DragDetect
ReleaseDC
DrawTextA
wsprintfA
CreateIcon
GetWindow
ShowWindow
FillRect
GetDC
GetTitleBarInfo
BeginPaint

ntshrui

GetNetResourceFromLocalPathA
GetLocalPathFromNetResourceA
SetFolderPermissionsForSharing
IsPathSharedA
IsFolderPrivateForUser

msutb

GetPopupTipbar

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ