47de8d5f070199c597bc47917b2df53e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

47de8d5f070199c597bc47917b2df53e_JaffaCakes118
Size

243KB
MD5

47de8d5f070199c597bc47917b2df53e
SHA1

b740aa349729dfbebe4ac9322ed7edb05c4d57f8
SHA256

ac04c438b1a156c758ce49dcce2fcbb4f6339f3cd7442cd049d19149088e75c2
SHA512

a486d12ef68b5dfd279c5f53eb27f1b0b9403bf5a096e0069116aab80b720cec4c23ed352c3f227b49ddafc64924627191a751435c84b022706abce1cad707b6
SSDEEP

6144:KlnDwpSBm/1366UalsA7nsOTN3xafmjXJ+Cp6cq:8u7U0zjJNhhXAl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47de8d5f070199c597bc47917b2df53e_JaffaCakes118

Files

47de8d5f070199c597bc47917b2df53e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

54ab54c453d67dd42757779d6c924a4e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetTextColor

shell32

ShellExecuteExW

kernel32

CmdBatNotification
InterlockedExchange
GetACP
FindFirstChangeNotificationW
GetLocaleInfoA
GetThreadLocale
GetVersionExA
InitializeCriticalSection
DeleteCriticalSection
LocalFree
GetLastError
CreateMutexW
LocalAlloc
OpenMutexW
WaitForSingleObject
ResetEvent
CloseHandle
SetEvent
ReleaseMutex
FindClose
FindFirstFileW
Sleep
GetFileAttributesExW
CreateThread
GetExitCodeThread
LeaveCriticalSection
EnterCriticalSection
ResumeThread
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
SetThreadPriority
CreateFileW
GetPrivateProfileStringW
GetFileAttributesW
GetModuleFileNameW

oleaut32

CreateErrorInfo
DispInvoke
VarI1FromDec
VariantInit
SysFreeString

Sections

.text
Size: 118KB - Virtual size: 202KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 286B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ