393e99d639f1971d968ed695697c26e9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

393e99d639f1971d968ed695697c26e9_JaffaCakes118
Size

372KB
MD5

393e99d639f1971d968ed695697c26e9
SHA1

dcf9750e49befdbfc6c6b722442281dbebe31d5f
SHA256

8321b9f57a9521fd5102e9a75340b64a3b67423a74359d5544985dbb669e157d
SHA512

be699a6b2fd8ffe52ea6ba6384bbe84319ed041a9b41b12d9b6a88d1de193b71e1de8ccede865ff0352f98e6df52180445ccd62d345533f18f807b0eba040697
SSDEEP

6144:FGjjvjVcVAC2FXgEr8fE0ASg3/YQvRNMVlJi41fv4Dw:FGnvjVkCrSvoZNyl5fwD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
393e99d639f1971d968ed695697c26e9_JaffaCakes118

Files

393e99d639f1971d968ed695697c26e9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

be6394ae6a776e67ad73fb197903efce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
GetModuleHandleW
GlobalSize
ReleaseMutex
SetEvent
GetPrivateProfileIntW
GlobalFree
ExitThread
CreateFileW
GetTickCount
FindVolumeClose
GetDriveTypeA
GetExitCodeProcess
LocalFree
VirtualAlloc
ReadFile
CloseHandle
lstrlenA
FreeConsole
GetComputerNameW

user32

GetDlgItem
DispatchMessageA
GetKeyState
GetSysColor
GetMenu
EndDialog
CallWindowProcA
SetFocus
GetCursorInfo
GetClassInfoA
DrawStateW
CreateWindowExA
GetClientRect

clbcatq

ComPlusMigrate
ComPlusMigrate
ComPlusMigrate
ComPlusMigrate
DllGetClassObject

ntshrui

IsPathSharedA

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 363KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ