01e7e30330b750ccefd8b370a59aeef4_JaffaCakes118 | Triage

Sharing

General

Target

01e7e30330b750ccefd8b370a59aeef4_JaffaCakes118
Size

372KB
MD5

01e7e30330b750ccefd8b370a59aeef4
SHA1

3cc5cd94d521fc8133884b79c117e6fab3d5784b
SHA256

dfa2dbd525a30358ffe37aae6a1be05640ef48525490bfe12ffc91b5cd2b68f9
SHA512

431dec6ef9b118886abec41e2a9aaeb0fc7eaeab441487585d1098f53e47cae9516eb2d5cfc5307b2054441189f020f908eeb36ff58a610dd3eeab20e2684689
SSDEEP

6144:XgjvjVcVAC2FXgEr8fE0ASg3/YQvRNMVlJi41fv4Dw:YvjVkCrSvoZNyl5fwD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01e7e30330b750ccefd8b370a59aeef4_JaffaCakes118

Files

01e7e30330b750ccefd8b370a59aeef4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2cfe7302b11074546aac21a34ab7c7c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GlobalSize
GetModuleHandleW
GetTickCount
GetExitCodeProcess
GetComputerNameW
LocalFree
GetPrivateProfileIntW
CreateFileW
SetEvent
GetLocalTime
FreeConsole
ExitThread
ReadFile
CloseHandle
GetDriveTypeA
FindVolumeClose
VirtualAlloc
ReleaseMutex
GlobalFree

user32

EndDialog
DrawStateW
GetClassInfoA
DispatchMessageA
GetSysColor
GetCursorInfo
GetDlgItem
GetKeyState
CallWindowProcA
SetFocus
GetClientRect
GetMenu
CreateWindowExA

clbcatq

ComPlusMigrate
ComPlusMigrate
ComPlusMigrate
DllGetClassObject
ComPlusMigrate

ntshrui

IsPathSharedA

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 363KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ