0921b719c957562634f57975c79aeda1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0921b719c957562634f57975c79aeda1_JaffaCakes118
Size

536KB
MD5

0921b719c957562634f57975c79aeda1
SHA1

2543b0d2e46013d7ef1be8b030f57af80595f226
SHA256

b3be278431259677aa52233967d83625a600c4ebc86b6f8ae7085a6c18d300e6
SHA512

63a7a851b5bf13b2a7206ab1d30f0fcdf63f0cc18bdc7d8136dd94a53814c37d27cf0cbdfac90d5890be69439a08cd953442c8f53b19626f876bf827af86c894
SSDEEP

12288:HM5f1yt0PM6l6DHXPBfJVOXaP/jPt00/3ZP8:HM5f1ytgBl6bFJVOXaDF00u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0921b719c957562634f57975c79aeda1_JaffaCakes118

Files

0921b719c957562634f57975c79aeda1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

736eae8110c46a8718d5a654d78c0609

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
DeviceIoControl
lstrlenA
GlobalSize
IsDebuggerPresent
Sleep
GetDriveTypeW
FindClose
DeleteFileA
CloseHandle
GetModuleFileNameW
GetStartupInfoA
GetCommandLineA
GetFileTime
CloseHandle
HeapCreate
GetModuleHandleA
GetConsoleTitleA
LocalFlags
CreateFileMappingW

user32

GetWindowLongW
DestroyMenu
CallWindowProcW
BeginPaint
DrawTextW
DestroyWindow
PeekMessageA
IsZoomed
LoadImageA
DispatchMessageA
FillRect
DispatchMessageA
IsWindow

dpwsockx

DPWS_GetEnumPort
DPWS_GetEnumPort
DPWS_GetEnumPort
DPWS_GetEnumPort

imagehlp

ImageUnload

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 529KB - Virtual size: 528KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ