42c0a038ee5943d0afa6444c214e3a7e_JaffaCakes118 | Triage

Sharing

General

Target

42c0a038ee5943d0afa6444c214e3a7e_JaffaCakes118
Size

358KB
MD5

42c0a038ee5943d0afa6444c214e3a7e
SHA1

ceb5580c61d024e6e63ec120d5050f065cbc9921
SHA256

642aaa7b2e9fc079b54d4e5fb9c40513bc92e6598ffbc8bf63bd87e672a3e8de
SHA512

ce32df6cb230088b928669b7ccba93a3dd4c9d1dadd0a62d960dce2dbdbaf3cb25a3d8e8237f81d041f27361bff48f5c4d11dcdfd6e7d0f896b8089d8ce2aa28
SSDEEP

6144:y01Yk7BnS1reexa5IMl7elkTLPHOqwGzKYz5IeF61KAQkvgprf:/1bnSUexa5NjTDuqwGzK0IUpkvgp7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42c0a038ee5943d0afa6444c214e3a7e_JaffaCakes118

Files

42c0a038ee5943d0afa6444c214e3a7e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

45acb0bef19ccae3228af56cef875301

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
LockResource
GetSystemTime
ResumeThread
LoadLibraryExA
HeapCreate
PeekConsoleInputA
GetConsoleCP
GetACP
GetUserDefaultLCID
GetAtomNameA
WaitForSingleObject
LocalLock
InterlockedExchange
GlobalSize
GetModuleHandleA
GetCommandLineA
WaitForSingleObject
lstrlenA
TlsGetValue
SetLastError

user32

DragDetect
FrameRect
GetCursorPos
AnyPopup
GetFocus
ReleaseDC
GetWindow
GetClassNameA
wsprintfA
BeginPaint
GetTitleBarInfo
ShowWindow
GetParent
CreateIcon
DrawTextA
SetForegroundWindow
GetDC
EndPaint
FillRect

ntshrui

DllGetClassObject
GetLocalPathFromNetResourceA
GetNetResourceFromLocalPathA
SetFolderPermissionsForSharing
DllCanUnloadNow

wshtcpip

WSHIoctl

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 556KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ