1624e3f2bc1c542d3b8e6caaac85bb49_JaffaCakes118 | Triage

Sharing

General

Target

1624e3f2bc1c542d3b8e6caaac85bb49_JaffaCakes118
Size

387KB
MD5

1624e3f2bc1c542d3b8e6caaac85bb49
SHA1

5f1eefa183c886a260e505f169f2236975b9a8f5
SHA256

c723cb550f2b9d8bef7645e66dd3c1ccc4214c39c4a9df2b203426e69bbaeda0
SHA512

80fcdc0327ac4dc027f76bf04263f209514248c67e661b3e8cd763a819688b36ee751403b90acaf497e9eb006d382f342339a10a21a733fe167c54b71ad3ce74
SSDEEP

12288:Lt9gLDbRnxFCke/ZFjrmI5XXyPf2VjDB:LqHRnxM1hFjCySfwjDB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1624e3f2bc1c542d3b8e6caaac85bb49_JaffaCakes118

Files

1624e3f2bc1c542d3b8e6caaac85bb49_JaffaCakes118
.exe windows:5 windows x86 arch:x86

36a746f23b2b7585ac5b2d9ba9511582

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
MapViewOfFile
SetLastError
HeapFree
ExitThread
ReadFile
GetEnvironmentVariableW
GlobalLock
EnterCriticalSection
SetLastError
HeapCreate
GetCommandLineA
GetFileAttributesA
IsBadReadPtr
GetFileTime
CloseHandle
GetModuleHandleA
WaitForMultipleObjects
GetCurrentDirectoryW
GetCommandLineW
GetDriveTypeA
GlobalSize
GetFileType
lstrlenA
SetFileAttributesW

uxtheme

SetWindowTheme
GetThemeBool
GetWindowTheme
GetThemeTextExtent
DrawThemeEdge
CloseThemeData
GetThemeEnumValue
DrawThemeBackground
GetThemeColor
OpenThemeData
IsThemeActive
GetThemeTextMetrics
CloseThemeData

dispex

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 532KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 380KB - Virtual size: 379KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE