JaffaCakes118_69de1b64b500707d928d5cdf12935ef4 | Triage

Sharing

General

Target

JaffaCakes118_69de1b64b500707d928d5cdf12935ef4
Size

125KB
MD5

69de1b64b500707d928d5cdf12935ef4
SHA1

0a4ecaf461ac08762470b312c8cb80f9c3cff063
SHA256

679f08bb7c7c84904c86a93a45081e64dc382681beaee2f78b0a75fa47d292bf
SHA512

7f61d9606d06c885349de17e816e366fcd69f19ace823707aa60ac59d7bf06ca18939957dc142c9a7cba50a3e0880307af2e0fd9206514cbe67d13435865ff13
SSDEEP

3072:TUjjV3rMKMD2qDUW2mCY3IltWlwuoIRd7MjRM:TUjjJXMD9gWBzkioA7Mj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_69de1b64b500707d928d5cdf12935ef4

Files

JaffaCakes118_69de1b64b500707d928d5cdf12935ef4
.exe windows:5 windows x86 arch:x86

66563c2a78f74273d35a1c9f1c00f364

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CancelIo
MapViewOfFile
VirtualProtect
GetStdHandle
ResetEvent
FindClose
CreateMailslotW
GetLocaleInfoA
SetLastError
ReleaseMutex
GetProcessHeap
IsBadWritePtr
GetFileAttributesA
GetModuleHandleA
FindResourceA
GetDriveTypeW
RemoveDirectoryA
GetCommandLineA
CreateDirectoryA
GetExitCodeThread
HeapSize

user32

GetWindowTextW
SetCursor
SetFocus
PeekMessageA
DispatchMessageA
GetCapture
wsprintfA
DestroyMenu
PostMessageW
LoadCursorA
GetWindowLongW
IsDialogMessageA
LoadImageA

hnetcfg

DllRegisterServer
DllCanUnloadNow
DllGetClassObject
HNetGetSharingServicesPage

rasapi32

DwRasUninitialize

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.import
Size: 512B - Virtual size: 464B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ