a5179df9beeeeef9c8f8078828282745_JaffaCakes118 | Triage

Sharing

General

Target

a5179df9beeeeef9c8f8078828282745_JaffaCakes118
Size

10KB
MD5

a5179df9beeeeef9c8f8078828282745
SHA1

db418939285486a26ed9b883b8e3c17b1c1ed669
SHA256

9763f3731ff4e550c7b1fe76304f2f0d6236b4f5def62def25cebf3f9842d77a
SHA512

237342c932a1e0397f49fc9d72b237c9a2e547eb7e087b8679798e56b47344b91a3cac6f9114f9ccff63d1649bbc9a7f1cae1d2f4fb00f8660dfb546a5d8c955
SSDEEP

192:cglPEMjH6mVGCQoAy51lasuDrN3Gzj1Cdrco2dzuw+p:XjH6mVbDHf8sCrN3Gzj1Vbzd4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5179df9beeeeef9c8f8078828282745_JaffaCakes118

Files

a5179df9beeeeef9c8f8078828282745_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b9508fad2489077fee1250f68aa0d99a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
HeapCreate
LoadLibraryExA
TlsGetValue
GlobalUnlock
GetExitCodeProcess
GetStdHandle
GlobalFree
ReleaseMutex
GetCurrentThreadId
DeleteAtom
CreateMutexA
GetEnvironmentVariableA
CreateFileA
SetLastError
FindResourceA
TlsAlloc
lstrlenW
GetProcessHeap
CloseHandle

user32

CallWindowProcA
CreateWindowExA
FillRect
CheckRadioButton
CreateMenu
SetFocus
GetDC
IsWindow
DrawMenuBar
GetCaretPos
GetDlgItem
DispatchMessageA
DrawEdge

ntshrui

IsPathSharedW
IsPathSharedA
GetNetResourceFromLocalPathA
SetFolderPermissionsForSharing
GetLocalPathFromNetResourceA

msasn1

ASN1BERDecEoid

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 271KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ