89be2006adc24ec1e8afea5bf42ed8bb_JaffaCakes118 | Triage

Sharing

General

Target

89be2006adc24ec1e8afea5bf42ed8bb_JaffaCakes118
Size

111KB
MD5

89be2006adc24ec1e8afea5bf42ed8bb
SHA1

156d247ed0a610359ae042f2ef39f74b84cbe03c
SHA256

c278b6514b7ad0662e4b31f1853e792b85abe84bda3279048f55609aa3bf9bc1
SHA512

ecd320bec3441306300d857495970a1149ff3b0cf4c87a8c4d110cc97d438dc899f6623e3a52d90401b3af8b69f8459d70c9a756c682ed5ab89cb25f9a5a8bf2
SSDEEP

1536:qG+aCqGrHLYxgE76qarAtdjO3Oh2r+o3qsh84Cb6lXFr45SgRnOF+n:XHC1rHLdEXWudaqXPLX6dG9R++

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89be2006adc24ec1e8afea5bf42ed8bb_JaffaCakes118

Files

89be2006adc24ec1e8afea5bf42ed8bb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7838b9bb7284e4cc84bf8bcfbbbeeffd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetStdHandle
FindClose
FindAtomA
RemoveDirectoryA
ResetEvent
HeapFree
GetFileType
GetVersion
SetEvent
RemoveDirectoryA
GetDriveTypeW
CreateMailslotA
GetSystemTime
VirtualProtectEx
WriteFile
FindClose
CreateDirectoryA
SetVolumeLabelW
CreateEventA
WriteConsoleA
IsBadCodePtr
ExitThread
GetCommandLineA
GetModuleHandleA
ReleaseMutex

uxtheme

GetThemeRect
IsThemeActive
SetWindowTheme
OpenThemeData
GetThemeTextMetrics
DrawThemeEdge
DrawThemeBackground
GetThemeSysSize
CloseThemeData
CloseThemeData
GetThemeTextExtent
GetThemeColor
GetWindowTheme

rasmxs

DeviceEnum
DeviceEnum
DeviceEnum
DeviceEnum

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ