160b3c08054bd5d239317e364fd01ec2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

160b3c08054bd5d239317e364fd01ec2_JaffaCakes118
Size

233KB
MD5

160b3c08054bd5d239317e364fd01ec2
SHA1

cb3346ac70bde5c186ed50202c7d5763ade97eb1
SHA256

8453542ec1941e411ed31452c4e99199fe35cffaa452aa134d176142a5c3c8d6
SHA512

f0959079f297b3dff93ffdc179b2e52d525a0a3eb1fe584c78b00a57bc9eb341f583d45d81810512ad051d8f9b404ab92c1c32e5f2180e5a59d976061e8a88e3
SSDEEP

6144:WhczSK0xst01yWrWfZFykIn/dTTl+nqQp6SCDNYnrH/:xzpm1ZSfZFWVQcSfnD/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
160b3c08054bd5d239317e364fd01ec2_JaffaCakes118

Files

160b3c08054bd5d239317e364fd01ec2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

935977e356416f4b2e10252496bddafd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
GetStartupInfoW
SuspendThread
GetTickCount
DeleteFileA
CreateFileA
GetEnvironmentVariableA
WaitForSingleObject
FindClose
GetTickCount
GetCurrentDirectoryA
ReleaseMutex
GetFileSize
SetEndOfFile
ResetEvent
HeapDestroy
AddAtomA
GetModuleHandleA
CreateMutexW
CloseHandle
HeapCreate
HeapSize
InitializeCriticalSection
GetProfileIntW
ExitProcess

shell32

SHGetDiskFreeSpaceA
SHGetMalloc
DragAcceptFiles
SHGetSettings
SHFree
ShellAboutA
ExtractIconA
DragQueryFileA
DllUnregisterServer
DuplicateIcon
ShellMessageBoxA
DragFinish
StrChrA

dpmodemx

SPInit
SPInit
SPInit
SPInit

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 724KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 226KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ