401ab68a7ca3b7ca1af26cec215344cf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

401ab68a7ca3b7ca1af26cec215344cf_JaffaCakes118
Size

372KB
MD5

401ab68a7ca3b7ca1af26cec215344cf
SHA1

afb6361d6262a76f224bf89f3ffecf4c063bf296
SHA256

dbc217589482c44c59a06c6f3d80b72913254e8c24f8d421f5c204ed167310cd
SHA512

da040f7e93a87b10a8244234e8cba766cdc3f25360974ab4c5ca3870bbff6ff185d59afa47e97a1de8fdf57f8cda751463cc74f9cc83346528cdf4ea6fedfaff
SSDEEP

6144:6P1jvjVcVAC2FXgEr8fE0ASg3/YQvRNMVlJi41fv4Dw:kVvjVkCrSvoZNyl5fwD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
401ab68a7ca3b7ca1af26cec215344cf_JaffaCakes118

Files

401ab68a7ca3b7ca1af26cec215344cf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8795879d07afded20ebca52ec04cc8e3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeA
GlobalSize
CloseHandle
GlobalFree
CreateFileW
GetModuleHandleW
GetTickCount
LocalFree
FindVolumeClose
GetExitCodeProcess
GetLocalTime
ReadFile
GetComputerNameW
lstrlenA
FreeConsole
VirtualAlloc
GetPrivateProfileIntW
SetEvent
ReleaseMutex
ExitThread

user32

CreateWindowExA
GetCursorInfo
GetKeyState
CallWindowProcA
GetClassInfoA
GetDlgItem
GetMenu
DrawStateW
SetFocus
GetClientRect
DispatchMessageA
EndDialog
GetSysColor

clbcatq

ComPlusMigrate
ComPlusMigrate
ComPlusMigrate
ComPlusMigrate
DllGetClassObject

ntshrui

IsPathSharedA

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 363KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ