f9c661fcbb020a85a653a087d0844259_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f9c661fcbb020a85a653a087d0844259_JaffaCakes118
Size

48KB
MD5

f9c661fcbb020a85a653a087d0844259
SHA1

f01af2b8df17618437b54936c381291bf4d815ac
SHA256

9fcfcfa5c8b56db6b18632f489a5ac9ff7b7e3cec4d46121b56147cc3bc9023a
SHA512

580a3bbfaeb9af71a886905fe6c17316f28a14b1cfed8539286294a366f4240e8ae68d206f78d51a58f9fe0f1e27f912ad0600ef29ce270b95e06a0437daf049
SSDEEP

768:ZGQFpvoSFVnVtT6VkU7wSGrpq7Ari4IrlQzs4MNG3xaSUbS3fCBbx6b3dRlyKkse:ZGyhoSFVrekUEycri92s4z3xaSX8t6be

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9c661fcbb020a85a653a087d0844259_JaffaCakes118

Files

f9c661fcbb020a85a653a087d0844259_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3e6797c797551a458f22a482a6464dd9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadReadPtr
GetModuleHandleA
Sleep
CloseHandle
ReleaseMutex
FindClose
VirtualProtect
FreeConsole
TlsGetValue
GetDiskFreeSpaceExW
GetTickCount
GetDateFormatA
GetLastError
GetCommandLineA
EnumResourceTypesA
IsBadCodePtr
SetLastError
LoadLibraryExA
DeleteCriticalSection
GetDriveTypeA

shell32

SHGetDiskFreeSpaceA
SHGetSettings
DragQueryFileA
SHFree
ExtractIconA
StrChrA
DragFinish
DllUnregisterServer
ShellAboutA
ShellMessageBoxA
DuplicateIcon
DragAcceptFiles
SHGetMalloc

printui

bPrinterSetup
vPrinterPropPages
bFolderGetPrinter
vQueueCreate
PnPInterface

advapi32

RegCloseKey

Sections

.text
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ