382b6674ef65efb9f00b45800d08751f_JaffaCakes118 | Triage

Sharing

General

Target

382b6674ef65efb9f00b45800d08751f_JaffaCakes118
Size

183KB
MD5

382b6674ef65efb9f00b45800d08751f
SHA1

272de66f8f2da8a4014ab16a5b8e96a32c98c389
SHA256

e35ec8a7a758e9bffc6e0f1047d07d63a2b0e943667547891e0ee2de10f5eedb
SHA512

e5247fd4019994c2d700e870b20a0195d383ad7715600555dbee26f7562ee8e4be5aa7bea003ab7026b73dbeed51ecb88f28a1f252654dffe75ff53e8be118c4
SSDEEP

3072:FHVDoTAAtEX09UOFxhET9QrCv7CQf9HlHBY7me34ljO7fzkxnZvEnP2d3:vcTA8k0XfS98CvGQfHHmmAqi4ZcnP2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
382b6674ef65efb9f00b45800d08751f_JaffaCakes118

Files

382b6674ef65efb9f00b45800d08751f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8622506dd9298ab8a16c32604bf5b7ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleCursorInfo
ReadConsoleOutputCharacterW
ShowConsoleCursor
PrivMoveFileIdentityW
CreateFiberEx
GetThreadTimes
CreateNamedPipeW
SizeofResource
DosPathToSessionPathW
EnumLanguageGroupLocalesW
SetCommMask

user32

GetMenuItemRect
TranslateAcceleratorW
DrawFocusRect
GetMenuContextHelpId
GetKeyboardLayoutNameA
SetScrollInfo
CloseWindowStation
PrivateExtractIconsW
IsWindowVisible
GetWindowLongA
CreateIconFromResource
GetWindowRgn
GetDlgItemInt

shell32

SHGetDiskFreeSpaceExA
SHPathPrepareForWriteA
Shell_NotifyIcon
DoEnvironmentSubstW
OpenAs_RunDLLW
SHIsFileAvailableOffline
OpenAs_RunDLLW
ExtractIconA
StrChrW
DragQueryFileAorW
SHFreeNameMappings

Sections

.code
Size: 9KB - Virtual size: 808KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 170KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pack32
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ