13cbcc83053323845d257dfbb609d650_JaffaCakes118 | Triage

Sharing

General

Target

13cbcc83053323845d257dfbb609d650_JaffaCakes118
Size

59KB
MD5

13cbcc83053323845d257dfbb609d650
SHA1

835ba9b2fc9089343d8f443efacd4f09f7b0eeb6
SHA256

068eac8dff178c0af9fa44b1431c507f8a41fe30bb03cc0a145ddefbf664a9cb
SHA512

b0063f893b2ea7835530f6f49408bef353ef39cbd829b61b154f1432a6223058b47e6b53ebd65be30fe683b363994c62ab96442d20f5a7beebe3114586d3b040
SSDEEP

384:diQb9TkTjcrWrKcLwMiKsp+1lAt+LwyC/gBMqxZK6r1Hoh5UhshI1ZlX:dhuTYCLuK++1lrLwtgSqxZHr12Shshc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13cbcc83053323845d257dfbb609d650_JaffaCakes118

Files

13cbcc83053323845d257dfbb609d650_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c91934ec726c27277b89e06095009b34

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
SetFileTime
CloseHandle
lstrcpyW
GetLastError
SetFileTime
lstrcatA
InterlockedExchange
SetConsoleTitleW
GetStartupInfoW
HeapCreate
HeapSize
IsBadWritePtr
GetStringTypeA
CreateEventW
LeaveCriticalSection
LoadLibraryA
SetFileTime
ReadFileEx
GetExitCodeProcess
GetFileSize

adsldpc

ADsCloseSearchHandle
ADsEnumClasses
ADsDeleteDSObject
ADsCreateDSObject

shell32

DragAcceptFiles
DragQueryFileA
ShellMessageBoxW
StrChrA
DllUnregisterServer
ExtractIconA
SHFree
SHGetMalloc
SHGetSettings
SHGetDiskFreeSpaceA
DragFinish
ShellAboutA
DuplicateIcon

uxtheme

SetWindowTheme

Sections

.text
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rich
Size: 1KB - Virtual size: 176B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ole
Size: 512B - Virtual size: 95B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RSRC
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ