JaffaCakes118_6645e92b316806858d4007fc46c0c400 | Triage

Sharing

General

Target

JaffaCakes118_6645e92b316806858d4007fc46c0c400
Size

123KB
MD5

6645e92b316806858d4007fc46c0c400
SHA1

8df8e4f1d2ce9d974c7032495692db9bddfb60b3
SHA256

75be164ad0c2b397a44bb80e76577c748cbfea79a059074d08ccad2c3267e6e8
SHA512

45126b470ea3450f99418c7194aa933755c6f4ef2ac22e2599a9a0a6cff30e16f5d13d4516114caba940f782bd805395beac90507dcd8afa532731ffdcdabd15
SSDEEP

3072:KH+xQtChtBzBQb+rr0EmqPXH0UF/ZmzYRk9:KexQtyBaC30EmqPXHLF/MzS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6645e92b316806858d4007fc46c0c400

Files

JaffaCakes118_6645e92b316806858d4007fc46c0c400
.exe windows:5 windows x86 arch:x86

879e7fa3bc90832b3a24f1441bbab61a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SuspendThread
ResumeThread
GetStdHandle
GetDriveTypeA
WriteFile
IsBadReadPtr
ReadConsoleW
HeapSize
SetLocalTime
GetPriorityClass
VirtualProtect
GlobalSize
GetProcessHeap
CreatePipe
GetModuleHandleA
ResumeThread
GetLocaleInfoA
CreateDirectoryA
GetCommandLineA
DeleteFileA
GetFileAttributesA

user32

GetWindowTextW
DispatchMessageA
wsprintfA
GetWindowLongA
SetCursor
GetMessageA
GetWindowLongA
SetRect
LoadCursorA
PeekMessageA
DrawIcon
SetFocus
DestroyMenu

els

DllRegisterServer
DllGetClassObject
DllRegisterServer
DllGetClassObject

rasapi32

DwCloneEntry

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE