1374e539e4f550990916accf39d88c6e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1374e539e4f550990916accf39d88c6e_JaffaCakes118
Size

233KB
MD5

1374e539e4f550990916accf39d88c6e
SHA1

1e21a4592cf54bcb14ef7f9c31ca05ab8f309225
SHA256

81afb471ca440c6401ccd70804257e230a49fafc0e692f2219bcff42b369b345
SHA512

dde339bcb0c159dba766c3f53f7ba436a240d93c2dc5993aa19d153ed23b2996fd737a8d77d090c69e206dff679a4f460c137b43c82dc219c3834f9fd91e0d4c
SSDEEP

6144:3hczSK0xst01yWrWfZFykIn/dTTl+nqQp6SCDNYnrHB:Szpm1ZSfZFWVQcSfnDB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1374e539e4f550990916accf39d88c6e_JaffaCakes118

Files

1374e539e4f550990916accf39d88c6e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0b6629000ac09c25c67b852c217fef1a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResetEvent
FindClose
SetEndOfFile
AddAtomA
GetProfileIntW
HeapCreate
ExitProcess
CreateFileA
GetTickCount
GetModuleHandleA
GetEnvironmentVariableA
GetTickCount
ReleaseMutex
GetCurrentDirectoryA
HeapDestroy
WaitForSingleObject
SuspendThread
GetFileSize
CloseHandle
GetStartupInfoW
CreateMutexW
HeapSize
InitializeCriticalSection
SetLastError
DeleteFileA

shell32

DllUnregisterServer
DuplicateIcon
ShellAboutA
SHFree
ShellMessageBoxA
DragQueryFileA
ExtractIconA
SHGetSettings
DragAcceptFiles
SHGetMalloc
StrChrA
SHGetDiskFreeSpaceA
DragFinish

dpmodemx

SPInit
SPInit
SPInit
SPInit

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 724KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 226KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ