005693ab39fe408d24a9d13ce14f0eaa_JaffaCakes118 | Triage

Sharing

General

Target

005693ab39fe408d24a9d13ce14f0eaa_JaffaCakes118
Size

274KB
MD5

005693ab39fe408d24a9d13ce14f0eaa
SHA1

0601a671e76f24620c633efd322ee1a7f21f4a04
SHA256

fa7a22059d6357503789cf86b91e384eeb31f2efda699d2044cccbb6a2ebdbd3
SHA512

943c1d72bd5d7bdb978ef80decfa0c46d13dde7df13e316127e7ff3d72ef88062510699a05755a4a2e84b08b478fb81f758bc82e5c628a11b5f371b0840df9a8
SSDEEP

6144:bLvuoEIcu35z9lOfR82kwaKcg3scZVV6aLSx+4UoYqp6Kd09:GoUojlOp8HwaK9fLRexNUA6Kw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
005693ab39fe408d24a9d13ce14f0eaa_JaffaCakes118

Files

005693ab39fe408d24a9d13ce14f0eaa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

20dc54c4f2f2a7e4e5db780a6a8e0e2d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenThread
GetFileSize
GetStdHandle
GetModuleHandleA
WaitForMultipleObjects
GetLocalTime
CreateMutexW
GetFileAttributesW
Sleep
SetLastError
GetTickCount
ReleaseMutex
HeapSize
WaitForSingleObject
RemoveDirectoryW
ExitProcess
GetEnvironmentVariableA
HeapCreate
FindClose
CloseHandle
CreateFileA
GetCurrentDirectoryA
GetTickCount
GetStartupInfoW
DeleteFileA

user32

MessageBoxA
DispatchMessageW
GetCursorPos
DispatchMessageW
GetDC
GetClassInfoA
GetSysColor
PeekMessageA
GetDC
CallWindowProcW
GetWindowLongA
GetDC
GetDC

wmiprop

WmiPropCoInstaller
WmiPropCoInstaller
WmiPropCoInstaller
WmiPropCoInstaller

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 296KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ