16e8a9397ffa97c99dd750706908f4d9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

16e8a9397ffa97c99dd750706908f4d9_JaffaCakes118
Size

749KB
MD5

16e8a9397ffa97c99dd750706908f4d9
SHA1

bb38b113a688cb2c938ccf320fe90ddfad9939fa
SHA256

a0aa01ad65d918375794226053c9c03dec8b730e47247babff24945b9ee940a5
SHA512

60cf0827a03903214db2e51b886be381dcb490dde0a67ea57d4deb185c305dd76b770ccda5bbc061378a9dbfed9e804636ea3f638ee1778a2fd5891a32a67f77
SSDEEP

12288:6slvGAb7lPoqVEIG2dkBePyqazpiM50V3xwcP6hntbH+llx3nBMFD2CGT4NmZY8f:lGClw8EIG2SeLazpiGu3nPstbH+3n4qS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16e8a9397ffa97c99dd750706908f4d9_JaffaCakes118

Files

16e8a9397ffa97c99dd750706908f4d9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ceb3cd5fe5ee01e598d30e9e651a15ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTapeStatus
WriteFile
AddAtomW
WaitForMultipleObjects
RemoveDirectoryA
CreatePipe
CloseHandle
GetModuleFileNameA
GetCommandLineA
FindClose
Beep
GetVersion
CreateDirectoryA
RemoveDirectoryA
FindAtomA
DeleteAtom
GetModuleHandleA
HeapCreate
CreateSemaphoreW
GetFileType
GetDriveTypeA
SetVolumeLabelA
HeapFree
ExitThread
IsBadWritePtr

uxtheme

SetWindowTheme
DrawThemeEdge
OpenThemeData
IsThemeActive
GetWindowTheme
GetThemeTextMetrics
GetThemeTextExtent
CloseThemeData
GetThemeBool
DrawThemeBackground
GetThemeColor
GetThemeSysSize
CloseThemeData

odbcbcp

bcp_bind
bcp_bind
bcp_bind
bcp_bind

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 741KB - Virtual size: 740KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE