a60912ce76ffd2343ae7f7142b3964db_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a60912ce76ffd2343ae7f7142b3964db_JaffaCakes118
Size

51KB
MD5

a60912ce76ffd2343ae7f7142b3964db
SHA1

392056cb1190e62994974677f3ee6377ca6e1378
SHA256

bd1cdaa03e768bb47af54a3568a4ab4b9e94330837c0afe19b525e7abc09d568
SHA512

d426545e9045bad22c821f889799b48af5b154fa25a2f48cc942ead41ecc557115fd4ad16ee25d5e9d717588edfbef58052631c7174b0a7af9cc091797fd2843
SSDEEP

384:gdziYNmMNeLNek+vDe/ZXu13sIMJd2RRvMuUURUnA/or/zo80xBv41y2CZERxGwk:eOUGu10Jd2RtMuU8yA/S0v4pDgwk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a60912ce76ffd2343ae7f7142b3964db_JaffaCakes118

Files

a60912ce76ffd2343ae7f7142b3964db_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3fc6d984153cc5d056693dd55ac073d9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
TlsGetValue
FreeConsole
LoadLibraryExA
FindClose
GetModuleHandleA
Sleep
GetDriveTypeW
EnumResourceTypesA
DeleteCriticalSection
VirtualProtect
PulseEvent
CloseHandle
LocalFree
GetDiskFreeSpaceExW
SetLastError
GetDateFormatA
GetCommandLineA
IsBadCodePtr
IsBadReadPtr

shell32

DragFinish
DuplicateIcon
DragQueryFileA
SHGetSettings
SHFree
DragAcceptFiles
ShellMessageBoxA
SHGetDiskFreeSpaceA
ShellAboutA
StrChrA
SHGetMalloc
DllUnregisterServer
ExtractIconA

msasn1

ASN1BERDecCheck
ASN1BERDecBool
ASN1BERDecFlush
ASN1BERDecEoid
ASN1BERDecDouble

advapi32

RegCloseKey

Sections

.text
Size: 1024B - Virtual size: 632B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ