f58fdc7661fce832e1e2d4af27b8d02e_JaffaCakes118 | Triage

Sharing

General

Target

f58fdc7661fce832e1e2d4af27b8d02e_JaffaCakes118
Size

370KB
MD5

f58fdc7661fce832e1e2d4af27b8d02e
SHA1

a9d4527941f7b8a3624905d72328fb6bcf859873
SHA256

36285f8cfbe2319124c96bc2ade9677f879c0c58d114505961a842679d8ecd05
SHA512

5009adcd2b1a3805070482671b2786e83ce41ac40260ebe253b53daa910c5786d0daeaba0b6698eca1fbbd80ddedf1b2d2d08c60f32ad05cd269e44f6d85f41f
SSDEEP

6144:tk9kmoMOXSyHyC3jRSaZjmi/KaeF/ae/X7FwHqYLAzB:Kam8XVHjNSaZy0KaA/auX0h4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f58fdc7661fce832e1e2d4af27b8d02e_JaffaCakes118

Files

f58fdc7661fce832e1e2d4af27b8d02e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

caa2a555e18dec6de28316fa3ff7841b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
SetEnvironmentVariableA
GlobalUnlock
HeapCreate
GlobalFree
CloseHandle
GetStdHandle
CreateFileA
DeleteAtom
GetProcessHeap
GetCurrentThreadId
VirtualQuery
FindResourceA
SetLastError
lstrlenW
GetExitCodeProcess
CreateMutexA
TlsGetValue
LoadLibraryExW
ReleaseMutex

user32

CallWindowProcA
CreateWindowExA
GetDlgItem
GetDC
DispatchMessageA
FillRect
CheckRadioButton
GetIconInfo
DrawMenuBar
IsWindow
DrawEdge
CreateMenu
SetFocus

ntshrui

IsPathSharedA
SetFolderPermissionsForSharing
IsPathSharedW
GetNetResourceFromLocalPathA
GetLocalPathFromNetResourceA

msasn1

ASN1BERDecEoid

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 343KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ