7868c47b667ba093dac340d1fd258f6e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7868c47b667ba093dac340d1fd258f6e_JaffaCakes118
Size

358KB
MD5

7868c47b667ba093dac340d1fd258f6e
SHA1

8fbec58cfe01d2bc9c24eadf1d39330931798dd5
SHA256

b0a873fecde0015f0807364613a0359f0a0bfb4476b562f48c72c76abcbac1ae
SHA512

7d4a5a137d40711af8d3a2d828a762ef47853e2a2169a657cc7f939e76f12628500bf12b855d37a064294d12b4c80bc1fcd25c4101d2df551e79e769813be062
SSDEEP

6144:p01Yk7BnS1reexa5IMl7elkTLPHOqwGzKYz5IeF61KAQkvgprfD:y1bnSUexa5NjTDuqwGzK0IUpkvgp7D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7868c47b667ba093dac340d1fd258f6e_JaffaCakes118

Files

7868c47b667ba093dac340d1fd258f6e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e03faad8d064fc6d9095af86ddad8614

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
WaitForSingleObject
GetCommandLineA
TlsGetValue
GetModuleHandleA
GlobalSize
LoadLibraryExA
LockResource
GetConsoleCP
WaitForSingleObject
HeapCreate
VirtualProtect
GetUserDefaultLCID
LocalLock
InterlockedExchange
GetAtomNameA
SetLastError
GetSystemTime
lstrlenA
PeekConsoleInputA
ResumeThread

user32

CreateIcon
AnyPopup
GetWindow
DragDetect
ReleaseDC
GetTitleBarInfo
FrameRect
GetCursorPos
GetFocus
BeginPaint
ShowWindow
wsprintfA
SetForegroundWindow
GetClassNameA
FillRect
DrawTextA
EndPaint
GetParent
GetDC

ntshrui

DllGetClassObject
GetLocalPathFromNetResourceA
GetNetResourceFromLocalPathA
DllCanUnloadNow
SetFolderPermissionsForSharing

wshtcpip

WSHIoctl

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 556KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ