719b112e61f41397b3552bb05d2a6f99_JaffaCakes118 | Triage

Sharing

General

Target

719b112e61f41397b3552bb05d2a6f99_JaffaCakes118
Size

370KB
MD5

719b112e61f41397b3552bb05d2a6f99
SHA1

c41d13ffd0c1df5f9f6d7a0cc0ecee4dcc645c73
SHA256

0f6b913e5fc377cc6d8378ef7099829e01d2ad444cac1efd49f245f5ce4bf245
SHA512

65b9702cde2a0fb8e36c7a0d81dc124e91f5597598c23b1bc887bb06c92d2afeb0fb67ba6942ab2bce2aab0e2c5cd6e4b76cfa5432008a5d246aebb4bd3ef791
SSDEEP

6144:Ok9kmoMOXSyHyC3jRSaZjmi/KaeF/ae/X7FwHqYLAzBuB:Pam8XVHjNSaZy0KaA/auX0h4Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
719b112e61f41397b3552bb05d2a6f99_JaffaCakes118

Files

719b112e61f41397b3552bb05d2a6f99_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ef643581c08efae3789a42438a46efd3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
SetEnvironmentVariableA
GetCurrentThreadId
GlobalFree
CreateFileA
GetStdHandle
GetModuleHandleA
FindResourceA
VirtualQuery
CloseHandle
CreateMutexA
GlobalUnlock
ReleaseMutex
HeapCreate
lstrlenW
GetExitCodeProcess
DeleteAtom
LoadLibraryExW
GetVersion
SetLastError

user32

DispatchMessageA
FillRect
GetIconInfo
GetDlgItem
DrawMenuBar
IsWindow
SetFocus
CheckRadioButton
DrawEdge
GetDC
CreateMenu
CreateWindowExA
CallWindowProcA

ntshrui

GetNetResourceFromLocalPathA
IsPathSharedW
IsPathSharedA
SetFolderPermissionsForSharing
GetLocalPathFromNetResourceA

msasn1

ASN1BERDecEoid

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 343KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ