1623b6e5a3a95e12fadc950446bd43a2_JaffaCakes118 | Triage

Sharing

General

Target

1623b6e5a3a95e12fadc950446bd43a2_JaffaCakes118
Size

282KB
MD5

1623b6e5a3a95e12fadc950446bd43a2
SHA1

01fbfa9587739caf4f36d1c2b64448af3a386789
SHA256

85ee8303369b80e65ba5c59c9f6ecec31e330b1913551cc0ba5ff962ba8be2ef
SHA512

fa45e24ccaeec952968288183d5cbcfee8880a52ca3c2ec4565613e0db80baf7a4473450e62c8890836287f69c5f9b3bd99c6fb97bbe8f9705e75666f27f656c
SSDEEP

6144:Qw6ep8BqL8tE+hj75g1aP4TRkZCPFzBwq+vzC+qFIZcI:Qw628fbCPFzqNmFA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1623b6e5a3a95e12fadc950446bd43a2_JaffaCakes118

Files

1623b6e5a3a95e12fadc950446bd43a2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

30ab56e1e1214b930a80657024c3c95b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindVolumeClose
GetFileAttributesA
GetFileType
GlobalLock
MapViewOfFile
HeapCreate
HeapFree
FindVolumeClose
IsBadReadPtr
CloseHandle
GetCommandLineA
WaitForMultipleObjects
ExitThread
GetModuleHandleA
GetDriveTypeA
GetEnvironmentVariableW
EnterCriticalSection
FindClose
GetCommandLineW
ReadFile
LocalSize
GetFileTime
SetFileAttributesW
GetCurrentDirectoryW
lstrlenA

uxtheme

DrawThemeBackground
GetThemeBool
OpenThemeData
GetThemeTextMetrics
CloseThemeData
DrawThemeEdge
CloseThemeData
GetWindowTheme
GetThemeTextExtent
GetThemeColor
SetWindowTheme
GetThemeEnumValue
IsThemeActive

dmocx

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 738KB - Virtual size: 738KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE