4d95e67cb25a94a87d64f78a828679dc_JaffaCakes118 | Triage

Sharing

General

Target

4d95e67cb25a94a87d64f78a828679dc_JaffaCakes118
Size

358KB
MD5

4d95e67cb25a94a87d64f78a828679dc
SHA1

56591a6d50d9795a6d9d0f4ab158000adb0ed4f6
SHA256

3ebabf4cea0d5a9db0e9af0c6fa5313d30da04bdadad810edd13cc1d4fff03d0
SHA512

df2994838d843231a081e84f0d49cf434cd1f8cec2eee32e4453f9d64221a2a4f1f8c08d8e514684f2e28e6601b8e778ca9c90bfc242144146c98e351a8e23a3
SSDEEP

6144:O01Yk7BnS1reexa5IMl7elkTLPHOqwGzKYz5IeF61KAQkvgprfk:D1bnSUexa5NjTDuqwGzK0IUpkvgp7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d95e67cb25a94a87d64f78a828679dc_JaffaCakes118

Files

4d95e67cb25a94a87d64f78a828679dc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3eb82e52521cba157081df957e88638b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLCID
GetAtomNameA
TlsGetValue
VirtualProtect
GetSystemTime
GlobalSize
lstrlenA
PeekConsoleInputA
GetConsoleCP
WaitForSingleObject
LoadLibraryExA
HeapCreate
ResumeThread
GetCommandLineA
SetLastError
InterlockedExchange
WaitForSingleObject
LockResource
GetModuleHandleA
GetACP
LocalLock

user32

BeginPaint
GetDC
GetFocus
AnyPopup
wsprintfA
SetForegroundWindow
FrameRect
EndPaint
DrawTextA
GetParent
GetCursorPos
GetClassNameA
ShowWindow
GetWindow
CreateIcon
ReleaseDC
FillRect
GetTitleBarInfo
DragDetect

ntshrui

SetFolderPermissionsForSharing
DllCanUnloadNow
GetNetResourceFromLocalPathA
DllGetClassObject
GetLocalPathFromNetResourceA

wshtcpip

WSHIoctl

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 556KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ