07bf3f174da9a78b26ac66053b1c1616_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

07bf3f174da9a78b26ac66053b1c1616_JaffaCakes118
Size

769KB
MD5

07bf3f174da9a78b26ac66053b1c1616
SHA1

136fcf7beb8c9cb423150a1b2d713dd7696dcaa8
SHA256

66a01af8400b6f96d672070821ddab52526f1c623a19c6152702135939026a74
SHA512

ee9d1bf8a907cb39015e3796ffbd21f84baffc16bdbe6ff2bd90f98a65aef59795a866076a4ac23ded9f7f0c294958091dddd5e3f274e1736e754cf21e497a24
SSDEEP

24576:E6F+IB93GefOxA4tM5+WZZ7niNPCEjrRKj+R6:vYi3GYo3M77nWjPg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07bf3f174da9a78b26ac66053b1c1616_JaffaCakes118

Files

07bf3f174da9a78b26ac66053b1c1616_JaffaCakes118
.exe windows:4 windows x86 arch:x86

153cd38e7b558384e30aa2d28ef1de30

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
HeapFree
CreateEventW
GetDriveTypeA
Beep
CreateFileMappingW
ReleaseMutex
ResetEvent
VirtualProtect
GetFileType
WriteFile
RemoveDirectoryA
GetCommandLineA
RemoveDirectoryA
DeleteFileA
CreateFileA
lstrlenA
CreateDirectoryW
WriteConsoleW
GetTickCount
FindClose
FindClose
SetStdHandle
OpenEventA
ReleaseSemaphore

user32

IsWindow
CreateIcon
GetClassInfoA
DestroyMenu
DispatchMessageA
DestroyMenu
IsZoomed
DrawTextW
PeekMessageA
GetWindowLongA
MessageBoxA
FindWindowA
GetSysColor

dmloader

DllGetClassObject
DllGetClassObject
DllGetClassObject
DllGetClassObject

Sections

.text
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 760KB - Virtual size: 760KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ