2612b011f6a5d928d8ddb5dbb043ca06_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2612b011f6a5d928d8ddb5dbb043ca06_JaffaCakes118
Size

22KB
MD5

2612b011f6a5d928d8ddb5dbb043ca06
SHA1

9cb47b0b81023d89f32ce260b9b284475b9c6c05
SHA256

17551ca966915f79d13aa04d4b97ac78613b0bca647b9875042b38ceec7ffc22
SHA512

324cd9900bad52c9218de83aa461177ec0b663337f23ec771c2fd0742ae0c33345722b185b26eb5a44c7e0b85dc3d150f2239ebf42bdac0fd94108eb6b5f44f1
SSDEEP

192:USf0jawHOWRuBb96tTiZYOewneLsal+NHNNEDO6PKOAkJOVn8LkTOdKGj1Qv8qj0:XMjBhRozYmneL+mC6VNwUKqAjKwE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2612b011f6a5d928d8ddb5dbb043ca06_JaffaCakes118

Files

2612b011f6a5d928d8ddb5dbb043ca06_JaffaCakes118
.exe windows:5 windows x86 arch:x86

75497f48c6db4c47e2b46a5f70c78448

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
CancelIo
IsBadReadPtr
GetModuleHandleA
GetTickCount
EnterCriticalSection
CloseHandle
HeapFree
GetCurrentDirectoryW
GetModuleFileNameA
FindVolumeClose
WriteFile
GetFileType
GetDriveTypeA
WaitForMultipleObjects
FindVolumeClose
GetFileTime
HeapCreate
GetCommandLineA
lstrlenA
CreateDirectoryA
LocalSize
ExitThread
CreateSemaphoreA
FindClose

uxtheme

GetThemeEnumValue
GetThemeTextExtent
GetThemeBool
SetWindowTheme
DrawThemeBackground
DrawThemeEdge
GetWindowTheme
GetThemeColor
CloseThemeData
CloseThemeData
OpenThemeData
IsThemeActive
GetThemeTextMetrics

drprov

NPGetCaps
NPGetCaps
NPGetCaps
NPGetCaps

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE