JaffaCakes118_670585a9d65ea5fa23e058f7427a1750 | Triage

Sharing

General

Target

JaffaCakes118_670585a9d65ea5fa23e058f7427a1750
Size

121KB
MD5

670585a9d65ea5fa23e058f7427a1750
SHA1

dadc41ffcaa57c2f0a42f11197e1f9923406b232
SHA256

ba694997aa1c0cb1270500b970b6cec172e34c436383c8ad7e8dcf016ca6b4d1
SHA512

acc248e97db611e479ea13c5d2b9b6f16884d9852491f03741e7ad5f2082c1ef65cbb2784be36b609e12232c8bdf35330be6106eb3fb80f7cdf6db0e6901b9f3
SSDEEP

1536:NaZbHcTLKStW9geojHWykTNkEMXV2V54+u25BiidBjfSiXejlkRK0m:acTdtW7oj2yk3qVbGVX9k0m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_670585a9d65ea5fa23e058f7427a1750

Files

JaffaCakes118_670585a9d65ea5fa23e058f7427a1750
.exe windows:5 windows x86 arch:x86

91549f0d75817dd19af120f72ead3c21

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetCommandLineA
RemoveDirectoryA
CreateDirectoryA
GetDriveTypeW
CreateMailslotA
ReleaseMutex
VirtualProtect
GetProcessHeap
ResetEvent
GetLocaleInfoA
GetModuleHandleA
GetStdHandle
GetFileAttributesA
MapViewOfFile
SetLastError
WriteFile
SetLocalTime
CancelIo
DeleteFileA
HeapSize
IsBadWritePtr

user32

LoadImageA
PostMessageW
SetFocus
DispatchMessageA
PeekMessageA
wsprintfA
GetWindowTextW
GetCapture
SetCursor
LoadCursorA
GetWindowLongW
GetCaretPos
DestroyMenu

filemgmt

DllRegisterServer
DllGetClassObject
DllRegisterServer
DllUnregisterServer

rasapi32

DwRasUninitialize

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imp
Size: 512B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ