d1bcad4cb15c54ee5ef31c9a9e17a8f9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d1bcad4cb15c54ee5ef31c9a9e17a8f9_JaffaCakes118
Size

36KB
MD5

d1bcad4cb15c54ee5ef31c9a9e17a8f9
SHA1

b9b24e04240dfa228aa15fa261962c388c40a9f1
SHA256

6bc60cebed5718bb6c842ad120db7182a7d17076c5f02a0877aa33c41f54d711
SHA512

617f07bd3655bcba5754b575adaeef2ad4df9e785b5d466f68d3ce3dfdf3e590c132efa4d313043e0c57c24828d768c18e39cf19cc6e8841de9e4724cbf4f0c3
SSDEEP

384:CB7vYydRBvcQmtnMNeLNek+vDTVmLY32iEKgzfy8266b0p:cYydXmtEZKK89pp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d1bcad4cb15c54ee5ef31c9a9e17a8f9_JaffaCakes118

Files

d1bcad4cb15c54ee5ef31c9a9e17a8f9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7d3b09153c948d421c2f70da0601781c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetDiskFreeSpaceA
ResumeThread
GetComputerNameA
AddAtomA
VirtualProtect
ExitProcess
TlsGetValue
GetModuleHandleA
HeapDestroy
SearchPathA
DeleteCriticalSection
GetLastError
PulseEvent
ReleaseMutex
GetTickCount
SetEvent
CloseHandle
lstrcmpiA
CreateThread

user32

CopyIcon
DragDetect
CloseWindow
GetMessageA
GetScrollBarInfo
IsIconic
DialogBoxParamA
DispatchMessageA
CreateWindowExA
GetKeyState
CopyImage
CreateMenu
EnableWindow
EndDialog

hlink

HlinkNavigate
HlinkTranslateURL
HlinkIsShortcut
HlinkClone
HlinkResolveShortcut

shell32

DragQueryFileA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ