13de7fbb795bab25c32afe2774e072fe_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

13de7fbb795bab25c32afe2774e072fe_JaffaCakes118
Size

8KB
MD5

13de7fbb795bab25c32afe2774e072fe
SHA1

3bda942115a1a8bcee7a9208c82143aaeee69ae0
SHA256

c97f10681af662bc045c97a2c5672e9fd4c5b2cf5cbe0dee11f6ab425435b9bf
SHA512

29f816490158e0c80e937f179c0f25d2a6b5c10ba538cc1e7836c8bb86e94178bf7670ab6b2b70544f21f6806816dc3e7169f5813323d8dc498f0829a123737e
SSDEEP

96:UPnt3RcA51+Mpbj+W92fdjUMwo8Oxhl+BBVkfqkYXEsxr0o9I8:UvtBcAOMxCY0T9GVkMXBr0o9I8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13de7fbb795bab25c32afe2774e072fe_JaffaCakes118

Files

13de7fbb795bab25c32afe2774e072fe_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ec28afabb197bc2a4c108a2b1bcb6d4c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualQuery
WaitForMultipleObjects
GetFileTime
GetFileAttributesA
GetCommandLineA
GetDriveTypeA
FindClose
CreateSemaphoreA
CancelIo
CloseHandle
FindVolumeClose
GetModuleFileNameA
ExitThread
FindVolumeClose
lstrlenA
GetModuleHandleA
HeapFree
IsBadReadPtr
LocalSize
CreateDirectoryA
WriteFile
GetCurrentDirectoryW
HeapCreate
GetTickCount
GetFileType

uxtheme

GetThemeEnumValue
GetThemeColor
DrawThemeBackground
SetWindowTheme
CloseThemeData
IsThemeActive
GetWindowTheme
OpenThemeData
GetThemeBool
CloseThemeData
GetThemeTextExtent
DrawThemeEdge
GetThemeTextMetrics

fltlib

FilterClose
FilterClose
FilterClose
FilterClose

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 767KB - Virtual size: 768KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE