a405c4eb73d3d3334e4b256744ec3637_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a405c4eb73d3d3334e4b256744ec3637_JaffaCakes118
Size

107KB
MD5

a405c4eb73d3d3334e4b256744ec3637
SHA1

759388600e590f98df22364705c0cdd5c03d4d90
SHA256

50213d828fab7b5b167c5c17a44da5fca4af39e40df4ef6787c8bfb1745c6d04
SHA512

91e399c04ec56fa789740c6261523b9cbed2a073166b36d6eedc676d856d71463369e1542c12a4ba8605b3218e3c6d2ddb0e81accdeb27b7818e4af49d7aef0e
SSDEEP

3072:VyaOhXNquUIj7dTKe57PbjdZwx2s80c8vD:VfUXN9bkeTGss81Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a405c4eb73d3d3334e4b256744ec3637_JaffaCakes118

Files

a405c4eb73d3d3334e4b256744ec3637_JaffaCakes118
.exe windows:4 windows x86 arch:x86

50b9df9b0c39b902f3c6d478a62ba2ff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyn
GetPrivateProfileStructA
SetCurrentDirectoryA
PeekConsoleInputW
GetConsoleAliasExesLengthW
GetPrivateProfileStructA
DisableThreadLibraryCalls
OpenEventA
GetSystemDirectoryA
DefineDosDeviceA
LocalAlloc
GetTempPathA
InterlockedIncrement
lstrcmpA
CreateFileW
InitAtomTable

user32

RegisterDeviceNotificationA
DefMDIChildProcW
IsWindowUnicode

shell32

SHBrowseForFolder
DoEnvironmentSubstA
SHGetDesktopFolder
SHHelpShortcuts_RunDLLA
RegenerateUserEnvironment
ExtractIconEx
StrStrIW
StrRChrIW

Sections

CODE
Size: 9KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pack32
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE