169b18fcc56c85c377708661edaac7b0_JaffaCakes118 | Triage

Sharing

General

Target

169b18fcc56c85c377708661edaac7b0_JaffaCakes118
Size

303KB
MD5

169b18fcc56c85c377708661edaac7b0
SHA1

8b8b41dad681ca6129a258344cd242822f7cb418
SHA256

296dbeb9b3da43c6d7d8593bfed7fcd72a742892f0e42a415617331ffc7dd028
SHA512

3b7e8a2c1549ab0020f7cc837667a6554e246b35ec8cef9191673055ca1d76dd913ea4acb6ab445f0220e822d97ee203fe435501265b96a54ed8fd79a67ce8ac
SSDEEP

6144:iJADPnPsHhCX+7FycFUMD7gltVGEnAg7scI40FHSCgttq6L0YLj5bHhE8Zsei:wiPnPDZ47g3jAgUQCg7HJBE/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
169b18fcc56c85c377708661edaac7b0_JaffaCakes118

Files

169b18fcc56c85c377708661edaac7b0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

634ba9d8d6ac4178406d23d6b1744ed0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
IsBadWritePtr
SetFileTime
ReadFile
HeapCreate
lstrcpyA
SetFileTime
InterlockedExchange
CreateEventA
GetStringTypeA
GetLastError
GetFileSize
SetConsoleTitleA
LeaveCriticalSection
HeapSize
GetExitCodeProcess
LoadLibraryA
CloseHandle
SetFileTime
lstrcatA
GetStartupInfoW

mstscax

DllGetClassObject
DllRegisterServer
DllUnregisterServer
DllCanUnloadNow

shell32

SHGetDiskFreeSpaceA
ShellMessageBoxW
StrChrA
ExtractIconA
DllUnregisterServer
DragFinish
DuplicateIcon
SHGetMalloc
SHFree
DragQueryFileA
ShellAboutA
DragAcceptFiles
SHGetSettings

rasapi32

DwRasUninitialize

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rich
Size: 1KB - Virtual size: 176B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ole
Size: 512B - Virtual size: 112B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 293KB - Virtual size: 293KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ