84949cc3f990e239bd611e73b2770165_JaffaCakes118 | Triage

Sharing

General

Target

84949cc3f990e239bd611e73b2770165_JaffaCakes118
Size

815KB
MD5

84949cc3f990e239bd611e73b2770165
SHA1

74e2bf903485226755831995ede4f85d77abb8b8
SHA256

82c365a5538d0538562e5b44b85a4b419b0645042134fe33cd7ea5117a6fce11
SHA512

0999d374942c7a8c445e50c8a3f4a62ca742ea82e729db35a9fd20f15e138a636b506f3c0f21334c901487ca702ba00e65e9f67fc436ce38640e1c0b854c0567
SSDEEP

12288:baD/eYkMtvKg40SbK9i3KjnRO9aD4e5kp5JDiKCyQP4wqHLSyI89ZXnvshK6+g+w:baD/V7vKai3Kjn750G3qHLrHN6+8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
84949cc3f990e239bd611e73b2770165_JaffaCakes118

Files

84949cc3f990e239bd611e73b2770165_JaffaCakes118
.exe windows:4 windows x86 arch:x86

966d701ad487ba264394ad2b8b21e67c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexA
LocalFree
UnmapViewOfFile
LoadLibraryExW
SetLastError
ExitProcess
MapViewOfFile
FreeEnvironmentStringsA
SetVolumeMountPointA
GetModuleHandleA
CreateFileA
FindClose
IsBadCodePtr
FreeConsole
GetACP
TlsGetValue
HeapCreate
GlobalUnlock
GetLastError
HeapDestroy

user32

IsWindow
CallWindowProcA
DrawMenuBar
CheckRadioButton
DrawEdge
GetIconInfo
GetDC
GetFocus
DefWindowProcW
DispatchMessageA
CopyRect
FillRect
GetDlgItem
MessageBoxA

uxtheme

DrawThemeIcon
GetThemeSysInt
DrawThemeEdge
DrawThemeText
GetThemeRect

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ