c0115e76207506c06c737f718c20ba03_JaffaCakes118 | Triage

Sharing

General

Target

c0115e76207506c06c737f718c20ba03_JaffaCakes118
Size

109KB
MD5

c0115e76207506c06c737f718c20ba03
SHA1

1952ad5e46ec4f5bc1655b7264d1795709edd327
SHA256

b08c35981cde96d809831df473dc6d4008e6b250bd89c87046ef389dd794e67a
SHA512

2e1e5f847f1586a3cfe60a3cf8a4432231049894abcbca307fb4503663d95df95c2a1eeca8b2a2eca49fa3e116782f2af6dba98e4b9aa29951b3501d28fcfc30
SSDEEP

3072:Uo303Ed02dUD0fC4oxOlwXGrS57oAQHDr:PkMMxKNru7ov

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0115e76207506c06c737f718c20ba03_JaffaCakes118

Files

c0115e76207506c06c737f718c20ba03_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6dc4f69293e217eb7e4da41ce3651246

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalSize
SetLastError
GetFileType
GetModuleHandleA
WaitForMultipleObjects
GetDriveTypeA
IsBadReadPtr
EnterCriticalSection
GlobalLock
HeapCreate
ReadFile
GetCommandLineA
CloseHandle
GetCurrentDirectoryW
lstrlenA
HeapFree
SetFileAttributesW
GetCommandLineW
SetLastError
GetFileAttributesA
FindClose
GetFileTime
ExitThread
MapViewOfFile
GetEnvironmentVariableW

uxtheme

GetThemeTextExtent
SetWindowTheme
IsThemeActive
OpenThemeData
CloseThemeData
GetThemeEnumValue
GetThemeBool
GetThemeTextMetrics
GetThemeColor
CloseThemeData
DrawThemeBackground
GetWindowTheme
DrawThemeEdge

dispex

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE