JaffaCakes118_67ea8e01c8f9c8e1a5879ad0c6ef23b0 | Triage

Sharing

General

Target

JaffaCakes118_67ea8e01c8f9c8e1a5879ad0c6ef23b0
Size

124KB
MD5

67ea8e01c8f9c8e1a5879ad0c6ef23b0
SHA1

64019c875f479b281e7192c88a4a9bed8ff8bdd8
SHA256

6ecf94c759c4ed0c6af65ddfb31166c87ff6bffc95469bc3284d88801af5eb9f
SHA512

c36f35d757bf319ebb12b234a0be3b73bebc42b394dcbb679088fbdaca4de2f55c8f52296b4be5405f67f5e0677432f2530b967c7cf375bd6f3c9f90d2ae13c9
SSDEEP

3072:kdKWs4ceV24xJluB092IuHtX5J52gHfQqB6kH:2jFV9U0oI8GgpckH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_67ea8e01c8f9c8e1a5879ad0c6ef23b0

Files

JaffaCakes118_67ea8e01c8f9c8e1a5879ad0c6ef23b0
.exe windows:5 windows x86 arch:x86

bd857585a2751d554134d3ed31342fd3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SuspendThread
GetCommandLineA
DeleteFileA
GetFileAttributesA
IsBadReadPtr
GlobalSize
CreateDirectoryA
GetLocaleInfoA
ResumeThread
GetPriorityClass
CreatePipe
GetDriveTypeA
VirtualProtect
SetLocalTime
WriteFile
GetModuleHandleA
GetProcessHeap
ResumeThread
GetStdHandle
ReadConsoleW
HeapSize

user32

GetCapture
LoadCursorA
GetMessageA
GetCaretPos
SetCursor
DrawIcon
PeekMessageA
DispatchMessageA
GetWindowLongW
GetWindowTextW
DestroyMenu
SetFocus
wsprintfA

els

DllGetClassObject
DllGetClassObject
DllRegisterServer
DllRegisterServer

rasapi32

DwCloneEntry

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE