dd1216b0690abbf124f7d3d771252095_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dd1216b0690abbf124f7d3d771252095_JaffaCakes118
Size

89KB
MD5

dd1216b0690abbf124f7d3d771252095
SHA1

0cb9bc55dc0ba1f63a7018cb005f974e1c866d79
SHA256

15dd54d42b9178c27a29a309aa26cd36adcdf611593c8e67189ff266b7ec6437
SHA512

156788b339166b5dccf22aa50be8f34eb870289f064ecd733f784f5c35cc97466c366c3e67a9402a16b4d0e51de37b57529528cd54f158c39b7da8aa28b2edae
SSDEEP

768:bTLn242hqCniGU1JTcyZI9BZIVKRvw21nnnnRYZxe6qaKHzRUZziPcr1+ebgL8uc:j+fL4UBZiKRY+Yfrq918ciLg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd1216b0690abbf124f7d3d771252095_JaffaCakes118

Files

dd1216b0690abbf124f7d3d771252095_JaffaCakes118
.exe windows:4 windows x86 arch:x86

59542da57cffd0edf498c53b0a65457e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
DeleteCriticalSection
CloseHandle
GetConsoleFontSize
SearchPathA
GetDiskFreeSpaceA
ExitProcess
GetLastError
SetEvent
ReleaseMutex
AddAtomA
GetModuleHandleA
HeapDestroy
CreateThread
FindResourceExA
Sleep
GetTickCount
FindVolumeClose
lstrlenA
TlsGetValue

user32

DragDetect
CloseWindow
EnableWindow
CopyImage
IsIconic
CreateWindowExA
CreateMenu
GetKeyState
CopyIcon
GetScrollBarInfo
GetMessageA
DispatchMessageA
EndDialog
DialogBoxParamA

wshbth

NSPStartup
WSHOpenSocket2
WSHIoctl
WSHJoinLeaf
WSHNotify

shell32

FreeIconList

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE