5dcbb9ea7cf02548a49c1d0d76f96944_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5dcbb9ea7cf02548a49c1d0d76f96944_JaffaCakes118
Size

358KB
MD5

5dcbb9ea7cf02548a49c1d0d76f96944
SHA1

9c424fbbbfe709d4aa7f687b9fa40a99a6634c00
SHA256

ffe80f40ae5464a550c6d083db6468aea5a4de80fe5ffaad1cecd68316764b74
SHA512

dd3a503c0b2664daefd7548352dc05dcf252e482b3a8a81068119d44e72f8c1508269a9e64c950df1f88ad0f6beb792710f8278833f5a58221d298f61890ce97
SSDEEP

6144:h01Yk7BnS1reexa5IMl7elkTLPHOqwGzKYz5IeF61KAQkvgprf:K1bnSUexa5NjTDuqwGzK0IUpkvgp7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5dcbb9ea7cf02548a49c1d0d76f96944_JaffaCakes118

Files

5dcbb9ea7cf02548a49c1d0d76f96944_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dfc7d652855fae25d8193d18a30dfafc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
SetLastError
LocalLock
PeekConsoleInputA
WaitForSingleObject
GetModuleHandleA
GetSystemTime
lstrlenA
WaitForSingleObject
HeapCreate
GetUserDefaultLCID
InterlockedExchange
GlobalSize
GetAtomNameA
TlsGetValue
LockResource
LoadLibraryExA
GetConsoleCP
GetACP
ResumeThread
VirtualProtect

user32

FrameRect
ShowWindow
FillRect
GetFocus
BeginPaint
CreateIcon
GetWindow
GetClassNameA
AnyPopup
SetForegroundWindow
DrawTextA
GetTitleBarInfo
DragDetect
EndPaint
wsprintfA
GetParent
ReleaseDC
GetCursorPos
GetDC

ntshrui

DllCanUnloadNow
GetNetResourceFromLocalPathA
GetLocalPathFromNetResourceA
SetFolderPermissionsForSharing
DllGetClassObject

wshtcpip

WSHIoctl

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 556KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ