47ae3a1336167e11fa5e2d9f64f7a03e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

47ae3a1336167e11fa5e2d9f64f7a03e_JaffaCakes118
Size

637KB
MD5

47ae3a1336167e11fa5e2d9f64f7a03e
SHA1

236a026d51b374e5c17114ee6b2dc5b48653ac54
SHA256

4738e7173bace28b5f33f73affbb28e5c59e4132fd0a86ac4a8d49e42abb8324
SHA512

5e4f1c66ea3499f7dd9a247458e7b5ad64cf5edc16fd041c99757e7534a8589b0adfb25d32c550153bfecbbace0b3f34e2ee275b43420b8b5178681794e8d93f
SSDEEP

12288:DIkk6UFq996+Dka3II9G1O9lUa58ZT98c1FAaD1HvgcrA+iVSVjSy2imII:FuFekU+IZj6scDJvTmcVLk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47ae3a1336167e11fa5e2d9f64f7a03e_JaffaCakes118

Files

47ae3a1336167e11fa5e2d9f64f7a03e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

25afcc6e5afa82ce2167dd8b49d187f1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapDestroy
FreeConsole
TlsGetValue
WaitForSingleObject
GetSystemTime
GetTapeStatus
IsDebuggerPresent
GetUserDefaultLCID
GetTimeFormatA
InterlockedExchange
lstrlenA
GetModuleHandleA
GetACP
LoadLibraryExA
PeekConsoleInputA
VirtualProtect
GlobalMemoryStatus
HeapCreate
GetCommandLineA
ResumeThread
GlobalSize

user32

EndPaint
AnyPopup
GetDC
GetClassNameA
CreateIcon
GetFocus
SetForegroundWindow
ShowWindow
ReleaseDC
DragDetect
GetWindow
wsprintfA
DrawTextA
GetTitleBarInfo
GetParent
BeginPaint
GetCursorPos
FillRect
FrameRect

ntshrui

DllCanUnloadNow
GetNetResourceFromLocalPathA
GetLocalPathFromNetResourceA
SetFolderPermissionsForSharing
DllGetClassObject

wshtcpip

WSHIoctl

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ