75d99af0bd628f86ff1087ed29109a6e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

75d99af0bd628f86ff1087ed29109a6e_JaffaCakes118
Size

88KB
MD5

75d99af0bd628f86ff1087ed29109a6e
SHA1

6863bf0b66fb9098e16bfc6c19c9b50849f3534a
SHA256

15fd7a4a01b7f8e960b1b5c8f3b2617bf47626673fdae907b33aa1725ece7ffe
SHA512

055c54e601b2056e0efcc017881afb6aaecdff48e5833f0831c5d3a5ce75474db74b8168b59e987cdebf15fc0d03e200c486cc1db6a4fa22b7e3165aa4fa0d34
SSDEEP

1536:LzH+lUFl01sLz35oXXpPmBwgPHa5Dt+1Wonb03U9uNw:LzHWUFK143SXW9PHS+A8Qo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75d99af0bd628f86ff1087ed29109a6e_JaffaCakes118

Files

75d99af0bd628f86ff1087ed29109a6e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9903606c0645d0cdcee15bc944851627

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
GetDiskFreeSpaceExW
GetTickCount
ReleaseMutex
IsBadCodePtr
VirtualProtect
CloseHandle
GetDriveTypeA
FindClose
SetLastError
IsBadReadPtr
Sleep
FreeConsole
GetModuleHandleA
DeleteCriticalSection
TlsGetValue
GetCommandLineA
GetLastError
GetComputerNameA
EnumResourceTypesA

shell32

ShellAboutA
DragQueryFileA
SHFree
DragAcceptFiles
SHGetDiskFreeSpaceA
SHGetSettings
ExtractIconA
SHGetMalloc
DllUnregisterServer
DragFinish
StrChrA
ShellMessageBoxA
DuplicateIcon

printui

PnPInterface
vPrinterPropPages
vQueueCreate
bPrinterSetup
bFolderGetPrinter

advapi32

RegCloseKey

Sections

.text
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE