85ac88b333fe81d1abe7ebc962dc3c2f_JaffaCakes118 | Triage

Sharing

General

Target

85ac88b333fe81d1abe7ebc962dc3c2f_JaffaCakes118
Size

97KB
MD5

85ac88b333fe81d1abe7ebc962dc3c2f
SHA1

9963c92abec735d3868ceaa65ba7c4f3f97a61c0
SHA256

9b03475e87d80687a2b46963f8070d6bd49fe930ffdbb7de093ecd44ae628123
SHA512

73b504eceffe7ff75674c915d74b7b02161169cb2548f17fefa78ff35ebd1f8a49348c03b263c4b1f84d636b7d77617d5d5f8f5e05017bf8b9533f426dc6474b
SSDEEP

1536:jrKDHLAM9fVkpH0Bsjf0OY5IokH8JnDcR7L3xemamxQB6GQluhya0I4T4Dhf+ps:jrLSkpH06GQ8itJrx7bluhT0x+V9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
85ac88b333fe81d1abe7ebc962dc3c2f_JaffaCakes118

Files

85ac88b333fe81d1abe7ebc962dc3c2f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9265e34c1c836104cce20d0743b41060

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPriorityClass
GetConsoleCP
CreateMutexA
GetStdHandle
GlobalFindAtomA
CreatePipe
GetUserDefaultLangID
GetThreadLocale
IsDBCSLeadByte
TlsGetValue
GetModuleHandleA
CompareStringA
GetExitCodeThread
ReleaseMutex
GetOEMCP
GetProcessHeap
SetEvent
VirtualAlloc
TlsFree
CreateThread
GetVolumeInformationA

user32

ReleaseDC
GetActiveWindow
RegisterClassA
GetFocus
ShowWindow
ReleaseDC
GetForegroundWindow
GetWindow
GetWindowTextLengthA
InvalidateRect
ValidateRect
GetClassInfoExA
GetClassNameA
GetDC
GetSystemMetrics
IsWindowVisible
IsIconic
CloseWindow
GetWindowTextA

shell32

SHCreateShellItem
SHChangeNotify
SHBrowseForFolderA
SHGetFileInfoA
SHGetFolderPathA

ntdsapi

DsBindA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 952KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ