179b2934797bb3dd201afaecfc7a7e7d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

179b2934797bb3dd201afaecfc7a7e7d_JaffaCakes118
Size

358KB
MD5

179b2934797bb3dd201afaecfc7a7e7d
SHA1

d39acdfdef1b9e04902ab4b1487f21e0347e80af
SHA256

afb1139c4c054975a3148d97aa2e14cd95cfacefc06ca9f5d318ec0240373c00
SHA512

b605a5f358b6bbaaafd8ffbca724485aedfbb54983eb0f3291a675f2775d07a383cfa60792ff01a06282c26720349831409d905f13085dfbc10c69419fb01d9c
SSDEEP

6144:VK11GLnGK090QKtYo6e9yydWM/EMMmYLZlFSUNbji9Yv30FW:VK1mGK090rq6y6OnFNpAuEFW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
179b2934797bb3dd201afaecfc7a7e7d_JaffaCakes118

Files

179b2934797bb3dd201afaecfc7a7e7d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

29824111e91c950278bf3f62bc0fae3c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
ResumeThread
GetAtomNameA
LoadLibraryExA
GetSystemTime
InterlockedExchange
HeapCreate
GetConsoleCP
LockResource
TlsGetValue
SetLastError
WaitForSingleObject
GetUserDefaultLCID
WaitForSingleObject
GetCommandLineA
lstrlenA
VirtualProtect
LocalLock
GlobalSize
GetModuleHandleA
PeekConsoleInputA

user32

DragDetect
ReleaseDC
GetTitleBarInfo
GetWindow
AnyPopup
ShowWindow
SetForegroundWindow
FillRect
FrameRect
GetClassNameA
DrawTextA
BeginPaint
wsprintfA
CreateIcon
EndPaint
GetCursorPos
GetParent
GetDC
GetFocus

ntshrui

DllCanUnloadNow
GetNetResourceFromLocalPathA
DllGetClassObject
SetFolderPermissionsForSharing
GetLocalPathFromNetResourceA

wshtcpip

WSHIoctl

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 556KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ