164accf3c138b4e8b3015e071db95a4c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

164accf3c138b4e8b3015e071db95a4c_JaffaCakes118
Size

109KB
MD5

164accf3c138b4e8b3015e071db95a4c
SHA1

52669381e82c7f800c769e4104386d0fe60d5fac
SHA256

d140499f56a7b6fbccf8955023f74c47051ba3700cc12ea689ee7f59a4ad8d16
SHA512

d87b0f3340b046dd076f46a732b2f74c8f0286fadfa929e2b70115a0a8c2cab7622518cbc17692373047f751bd887bc47f07af0ccec3050a451aed3703a28443
SSDEEP

3072:w6zz3Us2Gx33USQjLLZA+SO8AFh2w2qUvC3Pai:h33nVxn4LLcAFhXQqj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
164accf3c138b4e8b3015e071db95a4c_JaffaCakes118

Files

164accf3c138b4e8b3015e071db95a4c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f27465cab347df7241b9ef09419cafd9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
EnterCriticalSection
SetLastError
GetFileType
GlobalLock
ExitProcess
GetFileTime
GetModuleHandleA
GetTickCount
IsBadReadPtr
GetCommandLineW
MapViewOfFile
WaitForSingleObject
Sleep
GetEnvironmentVariableW
SetFileAttributesW
SetLastError
HeapCreate
LocalSize
GetFileAttributesA
GetDriveTypeA
SuspendThread
GetCurrentDirectoryW
HeapFree
ReadFile

uxtheme

GetWindowTheme
GetThemeColor
CloseThemeData
CloseThemeData
DrawThemeEdge
SetWindowTheme
IsThemeActive
OpenThemeData
GetThemeBool
DrawThemeBackground
GetThemeTextMetrics
GetThemeTextExtent
GetThemeEnumValue

credssp

SpVerifySignature
SpVerifySignature
SpVerifySignature
SpVerifySignature

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE