d3b72b6686790f43973c261d014096ce_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d3b72b6686790f43973c261d014096ce_JaffaCakes118
Size

244KB
MD5

d3b72b6686790f43973c261d014096ce
SHA1

ce489855d2767d06c308ed5b89100f35add5f44c
SHA256

097a76f564f37034b70de588d8bc8704f60840b1241e8d516beedb6d392478f5
SHA512

379f7353c76bcae64981ab6187926fa531474d9dc9412cf36175bb969f6ffb771bad77e777e2aa432c1648286ca51e4038eddc8f39c1db52de72e9e7add80c23
SSDEEP

3072:+4hX5gc22/R5mwSWw5ej2KyKUn+avR8vBpsBs0a7owfuMFcg/sK7+5Pp4Wabt3w:+4HDCNHkClKUnxvCvvz0SmLlKaYt3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3b72b6686790f43973c261d014096ce_JaffaCakes118

Files

d3b72b6686790f43973c261d014096ce_JaffaCakes118
.exe windows:4 windows x86 arch:x86

33efeac5c47c12e599d48eb1837d37f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
GetProcessHeap
SetLastError
GetModuleHandleA
VirtualQuery
GetEnvironmentVariableA
lstrlenW
GlobalUnlock
GlobalFree
FindResourceA
CloseHandle
TlsGetValue
GetStdHandle
LoadLibraryExW
ReleaseMutex
GetCurrentThreadId
GetExitCodeProcess
CreateMutexA
DeleteAtom
HeapCreate

user32

DrawEdge
GetDlgItem
GetIconInfo
DispatchMessageA
CheckRadioButton
DrawMenuBar
GetDC
CallWindowProcA
IsWindow
CreateWindowExA
CreateMenu
FillRect
SetFocus

ntshrui

GetNetResourceFromLocalPathA
GetLocalPathFromNetResourceA
IsPathSharedA
IsPathSharedW
SetFolderPermissionsForSharing

msasn1

ASN1BERDecEoid

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 206KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ