c83d06491f894852a3d77de9b6031278_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c83d06491f894852a3d77de9b6031278_JaffaCakes118
Size

87KB
MD5

c83d06491f894852a3d77de9b6031278
SHA1

5f5a73bf55ef154cb6abdfa51646a58bceba1ae0
SHA256

295ab836faa79c8fb9ecf6ec2bc0e7dc92391979372a0f033248006b6d70096f
SHA512

75b053c87514e0a4f2977b1c35f78352c58764cffc801fa03826df9efe1ade5aa163b6fe645033cf8800593640ab9cb9a3cdd9bea1653d28a78c5915124826b2
SSDEEP

768:rTLn242hqCniGU1JTcyZI9BZIVKRvw21nnnnRYZxe6qaKHzRUZziPcr1+ebgL8uc:T+fL4UBZiKRY+Yfrq918ciLg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c83d06491f894852a3d77de9b6031278_JaffaCakes118

Files

c83d06491f894852a3d77de9b6031278_JaffaCakes118
.exe windows:4 windows x86 arch:x86

59542da57cffd0edf498c53b0a65457e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
DeleteCriticalSection
CloseHandle
GetConsoleFontSize
SearchPathA
GetDiskFreeSpaceA
ExitProcess
GetLastError
SetEvent
ReleaseMutex
AddAtomA
GetModuleHandleA
HeapDestroy
CreateThread
FindResourceExA
Sleep
GetTickCount
FindVolumeClose
lstrlenA
TlsGetValue

user32

DragDetect
CloseWindow
EnableWindow
CopyImage
IsIconic
CreateWindowExA
CreateMenu
GetKeyState
CopyIcon
GetScrollBarInfo
GetMessageA
DispatchMessageA
EndDialog
DialogBoxParamA

wshbth

NSPStartup
WSHOpenSocket2
WSHIoctl
WSHJoinLeaf
WSHNotify

shell32

FreeIconList

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ