JaffaCakes118_4c263b602c9e6d3a5b38213bfe943622 | Triage

Sharing

General

Target

JaffaCakes118_4c263b602c9e6d3a5b38213bfe943622
Size

112KB
MD5

4c263b602c9e6d3a5b38213bfe943622
SHA1

b9161b73916b9f71b73f6e4ba5a5ad933e9ece35
SHA256

fb62d826421b033c74a94e2ab771505e40b516bf6d33768cbccf8760367d30bd
SHA512

183a831ccea537595a8b6d45e0022c13ffb1197dc2c7e8fc510cab02e707dbf4e0fbaa4ef9bcbd54d4f2cad52fc5b50514e22b3dcb636b02d3771982d985d720
SSDEEP

3072:edxxdOjXmWDWcpy0Q351TVZFiRqBv+X2ogaQ8:ORqwcU1p1T9WGf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_4c263b602c9e6d3a5b38213bfe943622

Files

JaffaCakes118_4c263b602c9e6d3a5b38213bfe943622
.exe windows:4 windows x86 arch:x86

a31bd146c87eb7661c5b2d614bda9e25

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetStartupInfoW
LeaveCriticalSection
SetFileTime
ReadFileEx
lstrcatA
CloseHandle
GetFileSize
GetExitCodeProcess
LoadLibraryA
HeapSize
HeapCreate
InterlockedExchange
SetFileTime
GetLastError
lstrcpyW
SetFileTime
SetConsoleTitleW
GetStringTypeA
IsBadWritePtr
CreateEventW

mstscax

DllUnregisterServer
DllRegisterServer
DllCanUnloadNow
DllGetClassObject

shell32

SHGetSettings
DragFinish
DllUnregisterServer
SHFree
DragQueryFileA
ExtractIconA
SHGetDiskFreeSpaceA
DragAcceptFiles
StrChrA
ShellAboutA
SHGetMalloc
DuplicateIcon
ShellMessageBoxW

rasapi32

DwRasUninitialize

Sections

.text
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rich
Size: 1KB - Virtual size: 176B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ole
Size: 512B - Virtual size: 95B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ