Static task: static1
Behavioral task: behavioral1
Sample: 111b7924c8d69e74c3d65186c6d4dc45_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 111b7924c8d69e74c3d65186c6d4dc45_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 111b7924c8d69e74c3d65186c6d4dc45_JaffaCakes118
Size: 301KB
MD5: 111b7924c8d69e74c3d65186c6d4dc45
SHA1: 936b98251dc64698b66f96c44e717eea71c56cdc
SHA256: 9b47d8b6d2b9417017c4530d4fadbd72f8ad380225c74472b5706096d634ceee
SHA512: 37ed1627a2587b85d87abee4fa93267739ff21841b2af4d61e2cf1c68f5d174e5b9fced47890ebd9a8759f822df83342d32b05fef1b3ef78797c3400b91a644e
SSDEEP: 6144:sgJaxOE5IK5Z4n9bnXwRwCTF6Ka9m9GYoKlrz9sam7X:sg8D5IKXSrBKB9boKdz8
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 111b7924c8d69e74c3d65186c6d4dc45_JaffaCakes118
Files
111b7924c8d69e74c3d65186c6d4dc45_JaffaCakes118.exe windows:4 windows x86 arch:x86
d5ae136caeb3a8dfb5d7e777bff4f991
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcatW
GetModuleHandleW
HeapCreate
GetConsoleTitleW
TlsAlloc
GetExitCodeProcess
GetTickCount
GetStdHandle
GetShortPathNameW
IsValidCodePage
GetDriveTypeA
SetLastError
HeapFree
lstrcmpiA
GetLastError
SetPriorityClass
GetModuleHandleA
GetStringTypeW
GetLogicalDrives
GetLocalTime
SetFilePointer
ReadFile
GetPrivateProfileStringA
netshell
DllGetClassObject
DllRegisterServer
HrLaunchConnection
HrGetIconFromMediaType
Sections
.text Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.dataz Size: 296KB - Virtual size: 296KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
.orpc Size: 1024B - Virtual size: 524B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE