21e167995bf8af2f3046910f021190c3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

21e167995bf8af2f3046910f021190c3_JaffaCakes118
Size

787KB
MD5

21e167995bf8af2f3046910f021190c3
SHA1

388ce6c1cd6a823cda3641849bed4f9c03b631e4
SHA256

10c3f7b697a59626f0219e86bb870ed51e8b8d26e32aecc4bea53f6fa27612b9
SHA512

8aee06b291d2624fcfcc7fd0ff710cff1e7dd88428b1325d7f904e2b5b6438e36fc0954f3c3eafe39fa5a866958957f0b678fe25400c41c2249c7ebb682e885a
SSDEEP

12288:2fkZeY2ivwZ8L4q3mSXYQmvMB2DPI5khfBvo1YVkZvSPFYID/xp+DS2u:odY21q3mSosB2DkMfBvo1YieFrH2u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21e167995bf8af2f3046910f021190c3_JaffaCakes118

Files

21e167995bf8af2f3046910f021190c3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0872f033c9bfee687231a04377232248

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
FindResourceA
PulseEvent
GetCurrentThreadId
CreateMutexA
lstrlen
GetConsoleMode
Sleep
SetEnvironmentVariableA
GetStdHandle
CreateFileA
HeapCreate
TlsGetValue
SetLastError
GetModuleHandleA
ReleaseMutex
TerminateThread
LoadLibraryExW
LocalFree
GlobalUnlock

user32

CheckRadioButton
DrawMenuBar
CallWindowProcA
GetIconInfo
FillRect
DefWindowProcW
GetDlgItem
CopyRect
DispatchMessageA
IsWindow
GetDC
SetFocus
DrawEdge

uxtheme

CloseThemeData
GetCurrentThemeName
GetThemeBool
DrawThemeIcon
GetThemeColor

dpnet

DirectPlay8Create

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 778KB - Virtual size: 778KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ