c83c2f90aeadf167de25371dcf4f008f_JaffaCakes118 | Triage

Sharing

General

Target

c83c2f90aeadf167de25371dcf4f008f_JaffaCakes118
Size

637KB
MD5

c83c2f90aeadf167de25371dcf4f008f
SHA1

ac7e47865e3d8ea9789ad8c4c6a3860c02166728
SHA256

615512e925e33392e51b0964f6ef5f4e684d59c82edb2597d88f3ee0935fc887
SHA512

c1306abb79a550ca45047a0d36b04c4524f781522ea4d7c88340309bdb74654c0d1c9d6feebb261a98eb7c9c0bff7eaba2e0e396e3119df65006693913c9d43e
SSDEEP

12288:xIF2ex4+KhsymXMwZzCii4oY7v1mi93FQZycECfOnEqXoALEuLuYRpIwAFT:xIF2Z+bp8wViCfFQZycEpnEKoALEuL3Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c83c2f90aeadf167de25371dcf4f008f_JaffaCakes118

Files

c83c2f90aeadf167de25371dcf4f008f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

781fbf69b4b0c5c8082a749a7a91d290

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
PeekConsoleInputA
GetSystemTime
GlobalSize
GetTapeStatus
GetTimeFormatA
LoadLibraryExA
InterlockedExchange
GlobalMemoryStatus
GetModuleHandleA
GetOEMCP
FreeConsole
VirtualProtect
HeapCreate
IsDebuggerPresent
GetACP
GetUserDefaultLCID
WaitForSingleObject
HeapDestroy
ResumeThread
GetCommandLineA

user32

SetForegroundWindow
GetClassNameA
EndPaint
DrawTextA
ReleaseDC
GetFocus
AnyPopup
DragDetect
FillRect
GetTitleBarInfo
wsprintfA
CreateIcon
GetCursorPos
GetParent
BeginPaint
ShowWindow
FrameRect
GetDC
GetWindow

ntshrui

GetLocalPathFromNetResourceA
IsFolderPrivateForUser
GetNetResourceFromLocalPathA
DllGetClassObject
SetFolderPermissionsForSharing

hnetcfg

IcfFreeProfile

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ