13501177aa6d91d60734eb87290ca76c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

13501177aa6d91d60734eb87290ca76c_JaffaCakes118
Size

746KB
MD5

13501177aa6d91d60734eb87290ca76c
SHA1

14b837413aba3a00d756fec23e1eeeb054a75d4f
SHA256

b8f3f2243dbd5512833cda9c20b4a7974b8c2a3b1df30b2468398f5178c4636c
SHA512

b0b980652cfeb30d66adfa2d43c3459fa9ba59b3b22017002150054b3771c76b34c3c42838a6296d2c4eb5d5de2465dd49cf9b68a6cde815f4d052396be09ad2
SSDEEP

12288:7765YHPgB8AyeD3AlHjSvDeQVpoDB8e2k7TT4fpNFUz3HjhR3OfDV:7RoJbrAkiQGBW4T4BNOjKr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13501177aa6d91d60734eb87290ca76c_JaffaCakes118

Files

13501177aa6d91d60734eb87290ca76c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1fd76b74a733704f00caa716150ec724

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
SetFileAttributesW
GetFileType
MapViewOfFile
ExitThread
WaitForSingleObject
SetLastError
GetEnvironmentVariableW
SetLastError
GlobalLock
IsBadReadPtr
EnterCriticalSection
ReadFile
GetFileTime
GetCommandLineW
CloseHandle
GlobalSize
HeapCreate
Sleep
GetDriveTypeA
GetModuleHandleA
GetCurrentDirectoryW
GetCommandLineA
HeapFree
SuspendThread

uxtheme

SetWindowTheme
DrawThemeBackground
CloseThemeData
GetThemeBool
GetThemeTextMetrics
IsThemeActive
GetThemeTextExtent
DrawThemeEdge
GetThemeColor
CloseThemeData
OpenThemeData
GetThemeEnumValue
GetWindowTheme

deskmon

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 738KB - Virtual size: 738KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE