0137bd0f1f774ddb9671e046d160a050_JaffaCakes118 | Triage

Sharing

General

Target

0137bd0f1f774ddb9671e046d160a050_JaffaCakes118
Size

769KB
MD5

0137bd0f1f774ddb9671e046d160a050
SHA1

69d9295b5568dabc428cad3829c524b0b492e5ea
SHA256

ff1e9d14635476f30d535bbac86a1d60976ea69f4182d762dc7d2aa6ca7d0b5c
SHA512

67541effeb5cb72a83d0c479bfd9ee483195b6ea2ae54eaab377841b2c491954586f025ebaf0b31b95ac422acc74910d758f47fa24a316fbf1b5b6d533d4fadf
SSDEEP

24576:TsraMRhvfwztMqZdq0yir4As+ML7HVHpbDWN8ykr:TseMRlf0u9ir+vnb51

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0137bd0f1f774ddb9671e046d160a050_JaffaCakes118

Files

0137bd0f1f774ddb9671e046d160a050_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a577f947525b3978695eb8772d4edefd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
FindClose
WriteFile
GetVersion
CreateFileMappingW
CreateFileA
RemoveDirectoryW
GetModuleHandleA
ResetEvent
GetDriveTypeA
GetCommandLineA
ReleaseMutex
SetStdHandle
HeapFree
DeleteFileA
OpenEventW
VirtualProtectEx
WriteConsoleW
ReleaseSemaphore
FindClose
lstrlenA
RemoveDirectoryW
Sleep
CreateMutexA
CreateDirectoryW

user32

DispatchMessageA
DestroyMenu
GetSysColor
MessageBoxA
PeekMessageA
DestroyMenu
FindWindowA
CreateIcon
GetWindowLongA
GetClassInfoA
DrawTextW
IsWindow
IsZoomed

efsadu

EfsDetail
EfsDetail
EfsDetail
EfsDetail

Sections

.text
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 761KB - Virtual size: 760KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ