1717f48f3a571314136638863ff32db7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1717f48f3a571314136638863ff32db7_JaffaCakes118
Size

264KB
MD5

1717f48f3a571314136638863ff32db7
SHA1

1216d5ad0a95dad080e3c05b83bf20510a4b6e39
SHA256

bb2bf916c2d948ce5686376f477f6a6d11715910beb281167a6e1a64c5400a1c
SHA512

00d1f6a9a5dddb5162028be46d2b09a2c72ce9204f9ca4c8aaad98c54aadf73f66abec4e1b527997ca12b2afdaa71eb2da41005a29edd4b7252b6590973f6753
SSDEEP

6144:tgDkEgtVNm01OZBzoxr5FlZu3XheLw6qyi1FMTI8lCBXDVe:OD1WV0mOZpoJjlZunhONe1GCve

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1717f48f3a571314136638863ff32db7_JaffaCakes118

Files

1717f48f3a571314136638863ff32db7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8739603e3342822fc04efadf5ac9df69

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryW
VirtualProtect
GetProcessHeap
CreateHardLinkW
GetStdHandle
GetFileAttributesA
Sleep
SetLastError
OpenSemaphoreA
DeleteFileW
CreateSemaphoreA
LoadLibraryA
GetTickCount
SetEvent
GetFileSize
GetStartupInfoA
CreateFileA
CreateMutexW
SetLastError
HeapSize
GetPriorityClass
ReadConsoleW
MapViewOfFile
HeapDestroy
GetLocalTime

clbcatq

DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer

sqlwoa

_DeleteFile@4
_GetFileTitle@12
_CharUpper@4
_CharLower@4

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 296KB - Virtual size: 295KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE