JaffaCakes118_6682c199f3c745dd30d530732e69c3d0 | Triage

Sharing

General

Target

JaffaCakes118_6682c199f3c745dd30d530732e69c3d0
Size

119KB
MD5

6682c199f3c745dd30d530732e69c3d0
SHA1

033c661d770ec0c0dbcb2d1e9ee97c89ffb24d5a
SHA256

168aec90d07e5b40dfb003a09d1b936c88898c83f944957a6b007dc15f1c882d
SHA512

7162e878272b707936160a013bff6c9d38b89a2ae452457de699e3467a0f5c5fa3c96d4113b826ba08ce9fdbe8d15dec697507321f3dfe8eba9cf19c8813f3a9
SSDEEP

3072:G9I9pjpb8US0OXF0BbQWHPAseqHz7kh09:qlUA0Bb/neqz9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6682c199f3c745dd30d530732e69c3d0

Files

JaffaCakes118_6682c199f3c745dd30d530732e69c3d0
.exe windows:5 windows x86 arch:x86

e986b7fd6de951e3d025eb6a4a522351

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetEvent
lstrlenW
GetDriveTypeW
GetLastError
FindAtomW
GetLogicalDrives
Sleep
CopyFileA
GetPrivateProfileSectionW
ReadConsoleA
VirtualProtect
GetFileAttributesA
ReadConsoleA
GetStringTypeW
HeapSize
HeapDestroy
GetStartupInfoA
ReadConsoleA
LoadLibraryW
ReleaseMutex
CloseHandle

dsprop

ErrMsg
FindSheet
CheckADsError
MsgBox
FindSheet
ReportError
FindSheet
CheckADsError
ReportError
MsgBox
ErrMsg
MsgBox
ErrMsg

gpedit

DllCanUnloadNow
BrowseForGPO
ExportRSoPData
DllGetClassObject

Sections

.text
Size: 1024B - Virtual size: 789B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 266B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.import
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.export
Size: 512B - Virtual size: 50B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE