0340170a01528073036513505fe2d214_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0340170a01528073036513505fe2d214_JaffaCakes118
Size

748KB
MD5

0340170a01528073036513505fe2d214
SHA1

7d8dade66c56d6960b2b5b498f3a5a491aef95e3
SHA256

f046d330f8d0701b1fe5e8c4b9e324e83a0bf1e2a1b7fb3c73c099e22c78352b
SHA512

c8431749aebe066edd98a82fa30336623e4f753b47421739ac3856ee198ca603be88ab2b390949fda9951ceac540c41e296e7c3bd57cbec05eaf1d96ecda0d0f
SSDEEP

12288:xut4+w8bz4mqvXQR/CW+bu+o/fOWMVg9r/UIqelIQWcvDtsib9eFkX+eqKdTxrpV:YG0bsPvDaWzVgNbqepWcvDtsiboodT0u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0340170a01528073036513505fe2d214_JaffaCakes118

Files

0340170a01528073036513505fe2d214_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5b6facf37778dc41e8f1905c422a80ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
FindClose
GetCommandLineA
GetDriveTypeA
HeapCreate
WriteFile
CancelIo
GetModuleHandleA
GetFileTime
ExitThread
LocalSize
FindVolumeClose
HeapFree
CreateDirectoryA
GetModuleFileNameA
VirtualQuery
GetFileType
CreateSemaphoreA
CloseHandle
FindVolumeClose
IsBadReadPtr
GetFileAttributesA
lstrlenA
GetCurrentDirectoryW
WaitForMultipleObjects

uxtheme

GetThemeColor
OpenThemeData
DrawThemeEdge
GetThemeTextMetrics
CloseThemeData
IsThemeActive
GetThemeEnumValue
GetThemeBool
GetWindowTheme
CloseThemeData
GetThemeTextExtent
SetWindowTheme
DrawThemeBackground

fltlib

FilterClose
FilterClose
FilterClose
FilterClose

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 740KB - Virtual size: 740KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE