cf5af04fa03267151542554eabd16116_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cf5af04fa03267151542554eabd16116_JaffaCakes118
Size

362KB
MD5

cf5af04fa03267151542554eabd16116
SHA1

28e298d75e8c9630900834314f585801796ddd1d
SHA256

bf27111d709a5c2d9b5f15ae2433568fd07921f367127697a278ec1ac3e1dcc6
SHA512

fea0b0863e2f30c1c9c4c58389444dea9bc0acac0e392ec5c9ed3bdd1753cc32a26012e9d5b75e231c98da7fd28f199bf5dd71606fa52a6d42b81d64335a1fc9
SSDEEP

6144:dXQ4p5rptVLMztkVwZcl2OzZ+hz06PiAsJXtfvWt73+mBGDbDvDhwufZIQo/unyE:dXQ4xtVLNV8GZmz1PiAsJ2+bDv1fZI0R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf5af04fa03267151542554eabd16116_JaffaCakes118

Files

cf5af04fa03267151542554eabd16116_JaffaCakes118
.exe windows:4 windows x86 arch:x86

648b3688dba5cb2405799dad2b732076

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetACP
GetCurrentProcessId
HeapDestroy
GlobalMemoryStatus
VirtualProtect
GlobalSize
PeekConsoleInputA
GetCommandLineA
ResumeThread
GetTimeFormatA
GetUserDefaultLCID
GetModuleHandleA
GetTapeStatus
FreeConsole
InterlockedExchange
IsDebuggerPresent
GetSystemTime
HeapCreate
LoadLibraryExA
WaitForSingleObject

user32

ShowWindow
ReleaseDC
GetWindow
GetDC
GetTitleBarInfo
GetFocus
GetParent
FillRect
AnyPopup
EndPaint
GetCursorPos
BeginPaint
DragDetect
GetClassNameA
DrawTextA
FrameRect
wsprintfA
SetForegroundWindow
CreateIcon

ntshrui

GetNetResourceFromLocalPathA
DllGetClassObject
GetLocalPathFromNetResourceA
SetFolderPermissionsForSharing
IsFolderPrivateForUser

hnetcfg

DllGetClassObject

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 912KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ