3d3eb9c8bb90cc610038f89095ac15f9_JaffaCakes118 | Triage

Sharing

General

Target

3d3eb9c8bb90cc610038f89095ac15f9_JaffaCakes118
Size

309KB
MD5

3d3eb9c8bb90cc610038f89095ac15f9
SHA1

9be1611a17fc0f522a65ab0298796e37d4a60b90
SHA256

aaea00f96af4653aee6401d807e67088a473a05d234e3bd04cb5a26e2654f3ce
SHA512

3f73d5f64446e8a86d94247eeb29f9c73b5c7fc44f22ce310fd948dd21179e111bd4dcbcd6a0f26806090f3e245b83a3a121e0354af30b1676690e6ab098da0d
SSDEEP

6144:Xk7PNMFwcgUXDR6CcAolvfHs+rhcAXduHFlPo:Aa8UXN6CcAMfHDjEHI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d3eb9c8bb90cc610038f89095ac15f9_JaffaCakes118

Files

3d3eb9c8bb90cc610038f89095ac15f9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bf8fd53264c9540c83023c7a91e16bf8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetTickCount
FindClose
SearchPathA
CreateSemaphoreA
GetLastError
GetCommandLineA
FreeConsole
GetComputerNameA
OpenMutexA
DeleteCriticalSection
Sleep
ReleaseMutex
SetLastError
GetModuleHandleA
SetEvent
GetBinaryTypeA
CreateMutexA
TlsGetValue
VirtualProtect

shell32

ShellMessageBoxA
SHGetDiskFreeSpaceA
SHFree
SheChangeDirA
DragQueryPoint
SHAlloc
DragQueryFileA
DragFinish
ShellAboutA
SHGetSettings
DragAcceptFiles
SHGetNewLinkInfo
SHGetMalloc
SheGetDirA

loghours

DialinHoursDialogEx
DialinHoursDialog
DirSyncScheduleDialogEx
LogonScheduleDialog
DirSyncScheduleDialog

advapi32

RegCloseKey

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ