f83410b9a04171ac6a75b05d60b81229_JaffaCakes118 | Triage

Sharing

General

Target

f83410b9a04171ac6a75b05d60b81229_JaffaCakes118
Size

109KB
MD5

f83410b9a04171ac6a75b05d60b81229
SHA1

33b9058765b94ba6337f5bc2175e3dafdef03d2f
SHA256

db9fefb4c9df8d782125e2b5555fe059f3bd7bbe6e531f85714d95e321254032
SHA512

bd39fd356ebf7f2be6220fb1a8844b6d437134389fa6f4d677ec2bb7ba03bf9ecce511aa9424ef8e15aab20947e066f4f2e50e224589d969eac18bbc6b765ca3
SSDEEP

3072:VI1FjuOnDgv7TWHaQ6QBlVVX4x8AuBLuGEJP:8nD07TEBVVX4x8A+LuJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f83410b9a04171ac6a75b05d60b81229_JaffaCakes118

Files

f83410b9a04171ac6a75b05d60b81229_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9f03d3d7704103696181c486c80f3eac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
FindClose
GetFileTime
GetFileType
SetFileAttributesW
HeapCreate
GetCommandLineA
ReadFile
ExitThread
IsBadReadPtr
GlobalSize
MapViewOfFile
HeapFree
SetLastError
GetEnvironmentVariableW
lstrlenA
GetDriveTypeA
GetCommandLineW
EnterCriticalSection
WaitForMultipleObjects
GetFileAttributesA
GetCurrentDirectoryW
SetLastError
CloseHandle
GetModuleHandleA

uxtheme

IsThemeActive
CloseThemeData
CloseThemeData
GetThemeTextExtent
GetThemeTextMetrics
OpenThemeData
GetThemeEnumValue
GetThemeColor
DrawThemeEdge
GetWindowTheme
SetWindowTheme
DrawThemeBackground
GetThemeBool

dispex

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE