e19ae48aabfae5c2f6d97765748556e0_JaffaCakes118 | Triage

Sharing

General

Target

e19ae48aabfae5c2f6d97765748556e0_JaffaCakes118
Size

370KB
MD5

e19ae48aabfae5c2f6d97765748556e0
SHA1

c6048b107a2c41bc428e1d47c9b5a0899de37f01
SHA256

26d2592ca2ad487054078af1fbdf7defb6b3f239d6c545649d764bc31d3ee689
SHA512

6e34c45a2a6885423258600bf3c8d3f27c8c621fc10f282cebbee1e2d93696a1ea01fef867e1986a9778587e7caed86e83b3a0b82c9379cb1924803b2c2f9532
SSDEEP

6144:hfaM8XNbk3HyKj+Imup/1N0U4tfMEzQoslcCNiDUkCtsp31g2DXJ:8M8XhGHyKjFPpqtcokNYUkJhDX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e19ae48aabfae5c2f6d97765748556e0_JaffaCakes118

Files

e19ae48aabfae5c2f6d97765748556e0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

14d7c6b7acda8e1b6671737cc2cec192

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteAtom
CreateFileA
ReleaseMutex
GetCurrentThreadId
GetEnvironmentVariableA
CreateMutexA
TlsGetValue
CloseHandle
GetExitCodeProcess
GlobalUnlock
HeapCreate
GlobalFree
lstrlenW
GetStdHandle
SetLastError
FindResourceA
TlsAlloc
GetModuleHandleA
GetProcessHeap
LoadLibraryExA

user32

SetFocus
DrawEdge
GetCaretPos
CreateMenu
DispatchMessageA
IsWindow
GetDlgItem
CreateWindowExA
FillRect
GetDC
DrawMenuBar
CallWindowProcA
CheckRadioButton

ntshrui

GetNetResourceFromLocalPathA
IsPathSharedA
IsPathSharedW
SetFolderPermissionsForSharing
GetLocalPathFromNetResourceA

msasn1

ASN1BERDecEoid

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 343KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ