JaffaCakes118_06191c74e18778df443f270437130d30 | Triage

Sharing

General

Target

JaffaCakes118_06191c74e18778df443f270437130d30
Size

120KB
MD5

06191c74e18778df443f270437130d30
SHA1

e7104bd49ec997ae83caac4f8045d22ce3285f82
SHA256

a83aa45e1f3923f0911f653900bcd81a90895075a93cce1a88c408711d6a1706
SHA512

eee1d93fcfbd92cb8f527ce645cd84db2d479dca377fa8f0872e5978e3af7ee9a97c0104fab2735664dd9746de969682bd17342f8d6058dc9a910a1eca4641e8
SSDEEP

3072:rE8E0ivvpYYEuYltd4NLXc6esTR3IwAj:rELvhYYEuY73KTMj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_06191c74e18778df443f270437130d30

Files

JaffaCakes118_06191c74e18778df443f270437130d30
.exe windows:4 windows x86 arch:x86

1353ef286707a04c9209c44d48c4ca53

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
SetEvent
CopyFileW
GetStartupInfoA
ReleaseMutex
GetFileAttributesA
GetPriorityClass
lstrlenW
GetCurrentDirectoryA
CloseHandle
IsDebuggerPresent
WriteConsoleW
lstrcpyW
CreatePipe
WriteConsoleW
GetStdHandle
DisconnectNamedPipe
GetLastError
HeapCreate
ClearCommBreak
WriteConsoleW

msftedit

SetCustomTextOutHandlerEx
RichListBoxWndProc
RichEditWndProc
RichComboBoxWndProc

shell32

DuplicateIcon
DllUnregisterServer
ShellMessageBoxA
StrChrA
DragFinish
ShellAboutA
DragAcceptFiles
DragQueryFileA
SHGetMalloc
ExtractIconA
SHFree
SHGetSettings
SHGetDiskFreeSpaceA

msasn1

ASN1BERDecBool

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.orpc
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ