da4c82ec48bacee356a0fe0d28ed5ede_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

da4c82ec48bacee356a0fe0d28ed5ede_JaffaCakes118
Size

365KB
MD5

da4c82ec48bacee356a0fe0d28ed5ede
SHA1

99d6f8705512f05e8234510ac762d53f07592ff5
SHA256

d2764cdc2d0e22b387328db287018a1bf255c8bb9bac762e10160c7cb181099c
SHA512

03bfd221a392de99dd1360f6aaef69e02690a0480d5312232e2cddd93eb613c94863e2f671504ee60d47ecf1ce507c662eb26b377123df10d716a1c2c501455e
SSDEEP

6144:DwKNWOXPOumOhnHDAiUNfNAxOZ/kxjXrpRaPz6PcSTGtNFEQuZxJC:DlhhxDrUYxOZ/kxj7pRizAcCGPFEQAI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da4c82ec48bacee356a0fe0d28ed5ede_JaffaCakes118

Files

da4c82ec48bacee356a0fe0d28ed5ede_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ce587d510e8f9b71d63bd160800ba94c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
TlsGetValue
CreateMutexA
GetModuleHandleA
GetDriveTypeA
GetExitCodeProcess
EnumResourceTypesA
Sleep
CloseHandle
SetLastError
GetLastError
GetDiskFreeSpaceExW
GetComputerNameA
DeleteCriticalSection
GetCommandLineA
ReleaseMutex
FreeConsole
VirtualProtect
GetTickCount
LoadLibraryExA

shell32

SheChangeDirA
SHGetDiskFreeSpaceA
ShellMessageBoxA
DragFinish
DragQueryFileA
DragAcceptFiles
DllUnregisterServer
SHGetSettings
SHGetMalloc
StrChrA
SHFree
ShellAboutA
SHGetNewLinkInfo

msports

PortsClassInstaller
ComDBClose
ComDBOpen
ComDBClaimPort
ComDBReleasePort

user32

MessageBoxA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ