309a6382d94513933367e2a71b5e2f04_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

309a6382d94513933367e2a71b5e2f04_JaffaCakes118
Size

369KB
MD5

309a6382d94513933367e2a71b5e2f04
SHA1

16ca439155286bef887e5b8f2475a3f994420358
SHA256

ef7739a0ac4679520778e477e4d77d45897d9512fee021d0cbd3a2659c96320f
SHA512

86abd46e4a7496efef4d6d36867cfa63933b84a1648f631ab5ce22cf3097632f3580b169818f2eb6596b54d1e95c638638707f7f09b400fbfd14ac67182c302c
SSDEEP

6144:HRMG7tgYauP+lkqAoR/f5bdzzHsXeaqcDEXrPeaMRD8A5792Ph1172N:HRMG5gMWkcN5S0cDYTea8gU2h772

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
309a6382d94513933367e2a71b5e2f04_JaffaCakes118

Files

309a6382d94513933367e2a71b5e2f04_JaffaCakes118
.exe windows:4 windows x86 arch:x86

266d1c18ac8a3f2a6624b0cf47d33522

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumCalendarInfoA
TlsGetValue
GetModuleHandleA
EnterCriticalSection
lstrlenW
GetCurrentProcessId
GetNumberFormatA
FindAtomA
CreateEventW
GetCurrentThreadId
GetPrivateProfileStringA
SetLastError
LocalFree
ResumeThread
GetConsoleAliasA
LocalFlags
GetDriveTypeW
FindClose
ReadFile
HeapCreate

user32

GetMenuInfo
DrawTextA
GetSysColor
SetFocus
CallWindowProcW
IsWindow
GetKeyState
GetClassInfoA
GetClientRect
GetCursorInfo
DispatchMessageA
DispatchMessageA
GetKeyboardType

stclient

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

ntshrui

IsPathSharedA

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 492KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 359KB - Virtual size: 358KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ