dd61e5e6f0878ee849723ea9e5adb45b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dd61e5e6f0878ee849723ea9e5adb45b_JaffaCakes118
Size

16KB
MD5

dd61e5e6f0878ee849723ea9e5adb45b
SHA1

43e83bddf69a4a9ec0b9c37782bc35103ed202b8
SHA256

83972e0f9036fc36bcfe37b5daf0508ca810d100cb82d4459ce7624bb2d92c06
SHA512

6dc71086e22616b0eedbd12041bc623495941ccc1df8f8ba05e88418cc3ce43df969ab271c8924e67c8a20121e026ad5a5acaf59b1a673f0cd2294055dfbc4b9
SSDEEP

96:6PZOasArXsSU++F4PVSWT0MDqs1OvUQjIrLOrMYONfeZEWVArvU3mONfeZEWV4+L:6xOyx/PV1TMsI/uLOMNeTL3TNeT4+vD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd61e5e6f0878ee849723ea9e5adb45b_JaffaCakes118

Files

dd61e5e6f0878ee849723ea9e5adb45b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ac254391414ed711c4fb03fcff8db0ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumResourceTypesA
IsBadReadPtr
SetLastError
TlsGetValue
GetDiskFreeSpaceExW
GetDriveTypeA
Sleep
VirtualProtect
IsBadCodePtr
GetComputerNameA
ReleaseMutex
DeleteCriticalSection
FindClose
GetCommandLineA
GetLastError
LoadLibraryExA
GetTickCount
CloseHandle
GetModuleHandleA
FreeConsole

shell32

SHGetSettings
SHFree
ShellAboutA
SHGetMalloc
DllUnregisterServer
SHGetDiskFreeSpaceA
ExtractIconA
StrChrA
DuplicateIcon
DragAcceptFiles
DragFinish
DragQueryFileA
ShellMessageBoxA

printui

bFolderGetPrinter
vPrinterPropPages
bPrinterSetup
vQueueCreate
PnPInterface

advapi32

RegCloseKey

Sections

.text
Size: 1024B - Virtual size: 580B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ