311dbd4f06560215e8ad057cd5760f80_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

311dbd4f06560215e8ad057cd5760f80_JaffaCakes118
Size

362KB
MD5

311dbd4f06560215e8ad057cd5760f80
SHA1

1fa8713494e4a683d5ff63939f28cf30d5f44084
SHA256

b29af905d3681359db58a05eafce64ea9b0ef52a73b088e0875f57bffc06acc6
SHA512

626d2c247dd6424f9562d4a41cb30146fccb1fe25338ece0e270ce81ee7def53c3dbd56988ed2522fc2b3d7644502e01bcc850601d415c15017d72c102af84ca
SSDEEP

6144:9eM+2bf0uz7tn4tiT/gk+/WLfmByIJvpwduxCazhXjNeNsN5:9eM+lO7qQz+OacIRpwqCayg5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
311dbd4f06560215e8ad057cd5760f80_JaffaCakes118

Files

311dbd4f06560215e8ad057cd5760f80_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3cf2878286f4831f0faa65a58d8d74b3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeA
DeleteCriticalSection
GetCommandLineA
GetTickCount
EnumResourceTypesA
ReleaseMutex
GetModuleHandleA
GetExitCodeProcess
GetDiskFreeSpaceExW
TlsGetValue
GetComputerNameA
SetLastError
FreeConsole
VirtualProtect
FindClose
CreateMutexA
GetLastError
LoadLibraryExW
Sleep
CloseHandle

shell32

SHGetNewLinkInfo
SheChangeDirA
DragQueryFileA
DragAcceptFiles
SHGetSettings
DragFinish
SHFree
SHGetDiskFreeSpaceA
ShellMessageBoxA
SHAlloc
SHGetMalloc
ShellAboutA
StrChrA

glmf32

glsBlock
glsComment
glsAppRef
glsChannel
glsBinary

user32

MessageBoxA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ