ca7e2b5b8bc35576479b1bd7d9cc90fa_JaffaCakes118 | Triage

Sharing

General

Target

ca7e2b5b8bc35576479b1bd7d9cc90fa_JaffaCakes118
Size

109KB
MD5

ca7e2b5b8bc35576479b1bd7d9cc90fa
SHA1

3b2858f47e536e5953e20a974bc1c44c97cc6487
SHA256

5947fd8a294ce2a4a6b5bb4e1185a68d863cf24ccab08a7c81df63d7f082401a
SHA512

537067b933f9f4aa6902f9b1755b692c3564ad0230beb8f9c26e882072331e891d2bff7f16dfb3cee62661355727da3f09751ce308dfc3c54661157416866ec4
SSDEEP

3072:pigo8nMdAb9scEQNj/iHa5Gnef39YCY//65:p9zU4OcEVH4GneB6y5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca7e2b5b8bc35576479b1bd7d9cc90fa_JaffaCakes118

Files

ca7e2b5b8bc35576479b1bd7d9cc90fa_JaffaCakes118
.exe windows:5 windows x86 arch:x86

890000b4696f45b159c924c9d16e1c15

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalSize
GetFileTime
WaitForMultipleObjects
GetDriveTypeA
GetCurrentDirectoryW
GetModuleHandleA
SetLastError
GetCommandLineW
ReadFile
EnterCriticalSection
FindClose
HeapFree
GlobalLock
lstrlenA
GetFileType
MapViewOfFile
SetFileAttributesW
GetCommandLineA
ExitThread
IsBadReadPtr
GetFileAttributesA
GetEnvironmentVariableW
SetLastError
HeapCreate
CloseHandle

uxtheme

CloseThemeData
CloseThemeData
GetThemeTextExtent
GetThemeBool
DrawThemeEdge
OpenThemeData
GetThemeColor
GetWindowTheme
SetWindowTheme
DrawThemeBackground
GetThemeTextMetrics
IsThemeActive
GetThemeEnumValue

dispex

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE