d9816bd522cd59c3d25f78a2faf36755_JaffaCakes118 | Triage

Sharing

General

Target

d9816bd522cd59c3d25f78a2faf36755_JaffaCakes118
Size

109KB
MD5

d9816bd522cd59c3d25f78a2faf36755
SHA1

8072408150541c91875beda5bba7ad354abc95e5
SHA256

dcf9e241ac102889ac5e68a9c0b3f6cd63a9d281e9cb90d91a60801cfcb93de2
SHA512

0a5b8a0d3a383e1c61b3d475b16769104a6d030edbd97fd12379b65668b2693d3261b4aa653a82365fd8cea7713d621e52ce95d0c370b1b31724506eca9b558d
SSDEEP

1536:yqR1aD+qxbr8T9hsGxLWcC0xq4MApiEvUC6v4J9rpVcR4+kMQWTc95etT3:yq2D+8bKsIWcC0Q4Jvl6e9rnQ4dFetT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d9816bd522cd59c3d25f78a2faf36755_JaffaCakes118

Files

d9816bd522cd59c3d25f78a2faf36755_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f48650c407d8e7f0dd65c5493a997614

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileType
GetCommandLineW
WaitForSingleObject
GetEnvironmentVariableW
SetLastError
EnterCriticalSection
GetFileAttributesA
FindAtomW
ReadFile
MapViewOfFile
CloseHandle
SuspendThread
GetFileTime
HeapFree
ExitProcess
GetCurrentDirectoryW
GetModuleHandleA
DeleteFileW
Sleep
RemoveDirectoryA
SetFileAttributesW
SetLastError
GetTickCount
HeapCreate
IsBadReadPtr

uxtheme

GetThemeBool
GetThemeEnumValue
GetThemeColor
SetWindowTheme
DrawThemeBackground
CloseThemeData
GetThemeTextMetrics
DrawThemeEdge
CloseThemeData
GetWindowTheme
OpenThemeData
GetThemeTextExtent
IsThemeActive

cmpbk32

PhoneBookFreeFilter
PhoneBookFreeFilter
PhoneBookFreeFilter
PhoneBookFreeFilter

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE