6aaf2d3e071c68dde276d5a8589509a6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6aaf2d3e071c68dde276d5a8589509a6_JaffaCakes118
Size

488KB
MD5

6aaf2d3e071c68dde276d5a8589509a6
SHA1

2a98ebd08f6018d0ef3d374edef625465ee5333a
SHA256

602ea903bc0c1ee9ebed26f565ea185c085636fca32a928199b496d673f6b0d8
SHA512

fa63b5bf98a28b189ba7b2c630ae4f820e54dd9eb8434f54073e2f03e96a60896c2c4337afb7934b235649b8aaeac2a673671e4c18219a7dafb15eb51cf04de9
SSDEEP

12288:GeiPLSSO9s/rfJwY0A7YJkm7SC+NUjLmc8xFQCSsz:xCLSSOWraYDpjCDXz8jLSs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6aaf2d3e071c68dde276d5a8589509a6_JaffaCakes118

Files

6aaf2d3e071c68dde276d5a8589509a6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

af8609b7a428d90c16ea8623acacd839

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
GlobalSize
PeekConsoleInputA
HeapCreate
GetACP
GetOEMCP
GetCommandLineA
GetCurrentProcessId
GetTapeStatus
GetTimeFormatA
GetUserDefaultLCID
LoadLibraryExA
GetModuleHandleA
ResumeThread
HeapDestroy
GlobalMemoryStatus
FreeConsole
GetSystemTime
VirtualProtect
InterlockedExchange
IsDebuggerPresent

user32

wsprintfA
GetParent
DragDetect
SetForegroundWindow
ReleaseDC
GetFocus
ShowWindow
EndPaint
FillRect
AnyPopup
DrawTextA
GetTitleBarInfo
BeginPaint
CreateIcon
GetDC
GetClassNameA
FrameRect
GetCursorPos
GetWindow

ntshrui

GetLocalPathFromNetResourceA
SetFolderPermissionsForSharing
IsFolderPrivateForUser
GetNetResourceFromLocalPathA
DllGetClassObject

hnetcfg

IcfFreeProfile

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ