de35fce129fca1b3efeb95f9698884e5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

de35fce129fca1b3efeb95f9698884e5_JaffaCakes118
Size

309KB
MD5

de35fce129fca1b3efeb95f9698884e5
SHA1

5c4980e24e22ecf9c9b248fc453313c9d641264a
SHA256

9271eaf9bf073fcb24f83897dbb7ccd46663f7ac79e44397a2831400524de47a
SHA512

94f46c7501eb1d9d02592407db2efc4a10e490c7bf78f74fef443761664b3c0304940a60abea04e864b3652983581d413b9d4435337822cd6dffee752d55f96d
SSDEEP

6144:xsuojxX8y1Z0pC7runBZBU5sbq9o7Nm9uq/heP7u:KDjxsHC7Jeq9Utq/oPS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de35fce129fca1b3efeb95f9698884e5_JaffaCakes118

Files

de35fce129fca1b3efeb95f9698884e5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a70fc4962eddb9f22388c9345540a1cc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetTickCount
ReleaseMutex
SetEvent
CreateMutexA
GetBinaryTypeA
GetModuleHandleA
FindClose
GetLastError
GetComputerNameA
TlsGetValue
Sleep
CreateSemaphoreA
SetLastError
DeleteCriticalSection
GetCommandLineA
OpenMutexA
SearchPathA
VirtualProtect
FreeConsole

shell32

SheGetDirA
DragQueryFileA
ShellAboutA
DragFinish
SHGetDiskFreeSpaceA
DragAcceptFiles
ShellMessageBoxA
SHGetSettings
SheChangeDirA
SHGetNewLinkInfo
SHGetMalloc
DragQueryPoint
SHAlloc
SHFree

loghours

DirSyncScheduleDialogEx
DialinHoursDialog
LogonScheduleDialog
DirSyncScheduleDialog
DialinHoursDialogEx

advapi32

RegCloseKey

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ