a79a73972d6c8d40c7d22a01b29a3120_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a79a73972d6c8d40c7d22a01b29a3120_JaffaCakes118
Size

358KB
MD5

a79a73972d6c8d40c7d22a01b29a3120
SHA1

314c7048b016364d14aca9d423ec753cbf21b251
SHA256

18e4f7b2430d041722ec97e230eaedb2f0c3a076f5d862e9f1bba87357cc4fcb
SHA512

b566644dee9e61098befd0425795b7e384b206bd2f9747b3a698274bc08b85fe06be2fce2aa425b43dd1661b8e289715c52b580119a4855a8c239dea23bdb59f
SSDEEP

6144:hK11GLnGK090QKtYo6e9yydWM/EMMmYLZlFSUNbji9Yv30F:hK1mGK090rq6y6OnFNpAuEF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a79a73972d6c8d40c7d22a01b29a3120_JaffaCakes118

Files

a79a73972d6c8d40c7d22a01b29a3120_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c0e55472de7579404dd4a0509ee03ea8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
WaitForSingleObject
GetModuleHandleA
lstrlenA
GetSystemTime
LockResource
TlsGetValue
ResumeThread
GetConsoleCP
PeekConsoleInputA
GetUserDefaultLCID
GetCommandLineA
LoadLibraryExA
GetAtomNameA
HeapCreate
VirtualProtect
GetACP
GlobalSize
SetLastError
LocalLock
InterlockedExchange

user32

GetCursorPos
ReleaseDC
GetClassNameA
SetForegroundWindow
GetParent
CreateIcon
DragDetect
GetWindow
AnyPopup
DrawTextA
GetDC
BeginPaint
GetFocus
FrameRect
GetTitleBarInfo
EndPaint
FillRect
wsprintfA
ShowWindow

ntshrui

GetNetResourceFromLocalPathA
SetFolderPermissionsForSharing
DllCanUnloadNow
GetLocalPathFromNetResourceA
DllGetClassObject

wshtcpip

WSHIoctl

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 556KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ