JaffaCakes118_6dc861a9383cc8c63739e80507825694 | Triage

Sharing

General

Target

JaffaCakes118_6dc861a9383cc8c63739e80507825694
Size

127KB
MD5

6dc861a9383cc8c63739e80507825694
SHA1

6092c31fb43493b9b9e1a5a61dc41f382a5e5a0f
SHA256

17eaea0b3ef942b6ed921937c6ff84a31a5c3bd3332cb00e13cfea2e49d6bae4
SHA512

65aa75f0892cd710b7cdb2c7119dc1b3d19c26bda6f04bf60b077f43fea031f86cf471d971c3f0f5569fc2a04aa4882d777ab05011d86ec6a919df6c17c87574
SSDEEP

1536:Svxs04Y0wLJswSj0a1EvF+6yvZBc1nRUdMljeUdGH7ZspFMyEoQkCU9vp2OqKG:SvuWLJswSYag0DcVhdOoFS/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6dc861a9383cc8c63739e80507825694

Files

JaffaCakes118_6dc861a9383cc8c63739e80507825694
.exe windows:5 windows x86 arch:x86

56f0accd26aadd6bcab4931f0aca4063

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetProcessHeap
IsValidCodePage
CreateDirectoryA
SetLastError
GetTickCount
GetExitCodeThread
GetFileAttributesA
CreateMailslotW
GetLocaleInfoA
GetDriveTypeW
ResetEvent
FindClose
RemoveDirectoryA
IsBadWritePtr
GetFileAttributesA
HeapSize
FindResourceA
VirtualProtect
MapViewOfFile
GetModuleHandleA
CancelIo

user32

PeekMessageA
IsWindow
DispatchMessageA
LoadImageW
IsDialogMessageA
wsprintfA
SetFocus
SetCursor
GetWindowLongW
GetCapture
PostMessageW
LoadCursorA
GetWindowTextW

ipsmsnap

DllUnregisterServer
DllCanUnloadNow
DllGetClassObject
DllGetClassObject

rasapi32

DwRasUninitialize

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.import
Size: 512B - Virtual size: 464B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE