315b81b62fb81baa990f1317f1b68610_JaffaCakes118 | Triage

Sharing

General

Target

315b81b62fb81baa990f1317f1b68610_JaffaCakes118
Size

133KB
MD5

315b81b62fb81baa990f1317f1b68610
SHA1

5ef8d02424ea2cf9ca60d9d093a6e86c59891bf3
SHA256

ef538c20fd4b836aa220becef9239d72b78d527e9a85107883e5031105b4ed11
SHA512

036bd91195df95b2aa064e4f7024f7ed0c3dee28c768418e17fdedefa8ef12036e332d83a5972900eafeb4f76e843e8514d89199d0ebc4ed819ad5d0ad914721
SSDEEP

3072:REcK7AfqdbZLVzX9r+urLAlVbrwQxiBh66FsqAHb5:ml7AfqddL59CQAjbiBh66sq+b5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
315b81b62fb81baa990f1317f1b68610_JaffaCakes118

Files

315b81b62fb81baa990f1317f1b68610_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ed8cbd7c655ac071c49037f8f209067e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddAtomW
RemoveDirectoryA
Beep
GetModuleFileNameA
IsBadWritePtr
SetVolumeLabelA
FindAtomA
WriteFile
GetFileType
GetDriveTypeA
GetVersion
ExitThread
SetLastError
FindClose
CreateDirectoryA
GetModuleHandleA
CloseHandle
CreateSemaphoreW
HeapFree
HeapCreate
RemoveDirectoryA
WaitForMultipleObjects
GetCommandLineA
GetTapeStatus
CreatePipe

uxtheme

OpenThemeData
DrawThemeEdge
GetThemeTextExtent
CloseThemeData
GetThemeColor
GetThemeTextMetrics
GetThemeSysSize
CloseThemeData
GetThemeBool
GetWindowTheme
IsThemeActive
DrawThemeBackground
SetWindowTheme

olesvr32

OleRevokeServer
OleRevokeServer
OleRevokeServer
OleRevokeServer

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 125KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE