JaffaCakes118_62ee139edd059d56af11ef7bddeef1a0 | Triage

Sharing

General

Target

JaffaCakes118_62ee139edd059d56af11ef7bddeef1a0
Size

120KB
MD5

62ee139edd059d56af11ef7bddeef1a0
SHA1

a001acc8859ce0f4a30193a4e1271adf6c8e4113
SHA256

4d1afc2267168a3445f341abf312f0a85094a4e83617e0bed383314e8b5f805b
SHA512

fc9751fccf631b438868793a5dc286164e781dff6eba60f8bd044c151524fbaf64676a368dc6db722706388e63228795b4638a7814a14e85bcfd781e44d4c044
SSDEEP

3072:Zl3bzLX5wvsm0U4nFwdUXNl+Ihrxg4HJlWm44EOczdXQn/s:P3PDQF0U4nIUnVhH7wOczdwE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_62ee139edd059d56af11ef7bddeef1a0

Files

JaffaCakes118_62ee139edd059d56af11ef7bddeef1a0
.exe windows:5 windows x86 arch:x86

c867135712ceb0887b8de565b5c6ee1c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

HeapSize
VirtualProtect
GetModuleHandleA
CancelIo
CreateDirectoryA
SetLastError
SetLocalTime
GetStdHandle
ReadConsoleW
WriteFile
DeleteFileA
GetCommandLineA
CreateMailslotA
GetDriveTypeW
IsBadWritePtr
GetFileAttributesA
RemoveDirectoryA
ResetEvent
GetProcessHeap
ReleaseMutex
GetLocaleInfoA

user32

DispatchMessageA
PostMessageW
PeekMessageA
GetCapture
DrawIcon
GetWindowLongW
SetCursor
SetFocus
DestroyMenu
wsprintfA
GetWindowTextW
LoadCursorA
GetCaretPos

filemgmt

DllUnregisterServer
DllRegisterServer
DllGetClassObject
DllRegisterServer

rasapi32

DwRasUninitialize

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imp
Size: 512B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ