a88fb88e98d71341785f56899fa79055_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a88fb88e98d71341785f56899fa79055_JaffaCakes118
Size

329KB
MD5

a88fb88e98d71341785f56899fa79055
SHA1

66cb590e8a1e7e473b61d4b5273ff881be3e7b08
SHA256

1d65d69193020400e421b573ea5c1d03a2fc921a9c414704608ed92960779899
SHA512

46422ca3b911d32be7bfdb419f399903b8b2e6b42ef8ff8350ecae61380d5217934c4f46048dcbf3491b3d589574c28980b055b82ff4bcf5af60ae358cafc33f
SSDEEP

6144:ikly8fFKth53mloT+xckQ4KfWUsZnR1vY6m2UxQskDJai:0RT3aDxPX6YhRazkDX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a88fb88e98d71341785f56899fa79055_JaffaCakes118

Files

a88fb88e98d71341785f56899fa79055_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0e06cfb816239532afeef4421efb983a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateSemaphoreA
CreateMutexA
CloseHandle
FindClose
GetExitCodeProcess
VirtualProtect
GetTickCount
TlsGetValue
GetBinaryTypeA
SetEvent
SearchPathA
SetLastError
Sleep
GetModuleHandleA
GetCommandLineA
GetComputerNameA
FreeConsole
GetLastError
DeleteCriticalSection
ReleaseMutex

shell32

SheChangeDirA
SHGetDiskFreeSpaceA
ShellAboutA
SheGetDirA
ShellMessageBoxA
SHFree
SHGetMalloc
DragQueryFileA
SHAlloc
SHGetSettings
SHGetNewLinkInfo
DragQueryPoint
DragFinish
DragAcceptFiles

loghours

DialinHoursDialog
DirSyncScheduleDialog
LogonScheduleDialog
DialinHoursDialogEx
DirSyncScheduleDialogEx

advapi32

RegCloseKey

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ