JaffaCakes118_6032b4e372ecf52d2760e9ab9dd19830 | Triage

Sharing

General

Target

JaffaCakes118_6032b4e372ecf52d2760e9ab9dd19830
Size

128KB
MD5

6032b4e372ecf52d2760e9ab9dd19830
SHA1

dad4a55400b3d8eb5b93604e95afd8a2fe42b580
SHA256

cc91435f19259eeaade9d5f4ecaea23b6c0cb43e305fa6cb03a02d47ac70107d
SHA512

906239217dde0f4759498aa1562cdca70d735f97fd8e2a10657add78e467819a51d5f891e250711679def46809f0e110566b53b7e426ffc9dbc0fbc53a3be53f
SSDEEP

1536:yd/tjZWBIt3Riztr4eiUbAWDFkSlsYuGOJ5Em0GumZDz/N04Zli8VAqxD7FyJp:ydFjsBIRRuEBfWx3sFNziqnNw8VP9sJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6032b4e372ecf52d2760e9ab9dd19830

Files

JaffaCakes118_6032b4e372ecf52d2760e9ab9dd19830
.exe windows:5 windows x86 arch:x86

cac2c1d151f146454dcd171a233a7ab6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

IsBadReadPtr
VirtualProtect
HeapSize
SetLocalTime
DeleteFileA
ReadConsoleW
GetFileAttributesA
GetProcessHeap
GetDriveTypeA
CreatePipe
GetLocaleInfoA
GetStdHandle
GetModuleHandleA
GetPriorityClass
WriteFile
ResumeThread
ResumeThread
SuspendThread
CreateDirectoryA
GlobalSize
GetCommandLineA

user32

GetCapture
PeekMessageA
DispatchMessageA
GetWindowLongW
GetMessageA
SetFocus
SetCursor
GetWindowTextW
GetCaretPos
DestroyMenu
DrawIcon
wsprintfA
LoadCursorA

els

DllGetClassObject
DllRegisterServer
DllGetClassObject
DllRegisterServer

rasapi32

DwCloneEntry

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE