1562c24423128cb0912891e0f53ea1b1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1562c24423128cb0912891e0f53ea1b1_JaffaCakes118
Size

746KB
MD5

1562c24423128cb0912891e0f53ea1b1
SHA1

5ec1104db853f97afc1417dd7506712e1728610c
SHA256

95ceb79b246ddf28bd17d2096dba6a63c798715512d16fc173776c943bbebd9e
SHA512

62d72bb86a52706e73830a4b1c6b8bd1648a63c746d69a01b8f7296d3af6b5dea4a7dde1ff37db88c953e89e85a5952b0c212c4d20588e29c55bc152bf5c7dcf
SSDEEP

12288:KAfmfE9QPgcaKX80dgHTaqvBzSeoPRLweTVAY2tV4QDeG64kqj0VMynN:9f+ktGXxdQTaqJJoPRLuLlDD649wVMyN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1562c24423128cb0912891e0f53ea1b1_JaffaCakes118

Files

1562c24423128cb0912891e0f53ea1b1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

15f4cdb909153a1420cd733f11c34d9c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
GetModuleHandleA
SetLastError
MapViewOfFile
DeleteFileW
SuspendThread
GetCommandLineW
Sleep
CloseHandle
GetFileAttributesA
HeapCreate
ReadFile
GetFileType
ExitProcess
GetTickCount
EnterCriticalSection
FindAtomW
RemoveDirectoryA
SetFileAttributesW
HeapFree
GetCurrentDirectoryW
IsBadReadPtr
GetEnvironmentVariableW
SetLastError
GetFileTime

uxtheme

DrawThemeBackground
OpenThemeData
GetThemeColor
DrawThemeEdge
GetThemeTextExtent
CloseThemeData
IsThemeActive
GetThemeEnumValue
GetWindowTheme
CloseThemeData
GetThemeTextMetrics
SetWindowTheme
GetThemeBool

credssp

SpVerifySignature
SpVerifySignature
SpVerifySignature
SpVerifySignature

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 738KB - Virtual size: 738KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE