JaffaCakes118_60fd1fe579b1e5a97381563eed708690 | Triage

Sharing

General

Target

JaffaCakes118_60fd1fe579b1e5a97381563eed708690
Size

133KB
MD5

60fd1fe579b1e5a97381563eed708690
SHA1

f931e39b1a6e90942005a3ef6f750ff31b61acdd
SHA256

4ebdc06031a6d18034a3ad73d098dd2e8d029d13bcb615d7d92c72d031e1fbe6
SHA512

7b190528e40e7687a17636aca05873d112eb89d25bd322482fe5a87c98c879c94755a0122b4083030d33ef90b0e7a40427c072c53b134593488941e276b1a56e
SSDEEP

3072:HcL0q1s2/0z0YMpxm5ZLG36Rc6aSuX2uBopgt9Jt5:IG24L8xm5ZLA626eXZBAg9D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_60fd1fe579b1e5a97381563eed708690

Files

JaffaCakes118_60fd1fe579b1e5a97381563eed708690
.exe windows:5 windows x86 arch:x86

bd51180ecc57dfd72b6c0bebe79aa7c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetStringTypeA
LoadLibraryA
DeviceIoControl
GlobalFlags
GetCurrentProcess
CreateEventA
lstrlenA
HeapFree
CloseHandle
GetFileAttributesW
VirtualProtectEx
OpenMutexA
FindVolumeClose
GetFileAttributesW
GetCurrentThread
GlobalLock
GetPrivateProfileIntA
GetDriveTypeA
GetVersionExA
GetPrivateProfileSectionA
GetStdHandle

shell32

ShellAboutA
SHGetSettings
StrChrA
SHFree
DragQueryFileA
DragFinish
DuplicateIcon
DragAcceptFiles
ShellMessageBoxA
DllUnregisterServer
SHFree
SHGetMalloc
ExtractIconA

odbccp32

SQLGetAvailableDrivers
SQLInstallDriver
SQLConfigDataSource
SQLInstallODBC

uxtheme

CloseThemeData

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 508B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.import
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ