JaffaCakes118_6e6cbd7190cbbc96574a184809e78950 | Triage

Sharing

General

Target

JaffaCakes118_6e6cbd7190cbbc96574a184809e78950
Size

119KB
MD5

6e6cbd7190cbbc96574a184809e78950
SHA1

e856c2841523ee994426f6b1e7461f0ddcc7f2f6
SHA256

57849ccf4b7a656216fe6b1dadf4c1a7a8469d8a0ca70be63f87aed30914ef5d
SHA512

044111abdb3d0330843750346dd1185327efa8ecf21b809caf79f9e6c3189b0ed85729fc5011bb32c8563bd8f78d5ee14f98dc1dcc64e8b6e374663915263b1c
SSDEEP

3072:rcgWZloPyok8FzpIMrD3sx5eluH8k1z2BHgMaEIb:Vg6yOz6Vx5eEL10GEIb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6e6cbd7190cbbc96574a184809e78950

Files

JaffaCakes118_6e6cbd7190cbbc96574a184809e78950
.exe windows:5 windows x86 arch:x86

edce2febc0353c109e6c04154d220157

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

Sleep
TlsGetValue
GetDriveTypeA
lstrlenA
ReadConsoleA
GetLastError
HeapSize
GetPrivateProfileSectionA
GetLogicalDrives
ReadConsoleA
CloseHandle
VirtualProtectEx
FindAtomW
GetStartupInfoA
SearchPathW
ReleaseMutex
DeleteFileW
PulseEvent
ReadConsoleA
LoadLibraryW
GetStringTypeW

dsprop

FindSheet
FindSheet
ReportError
ReportError
ErrMsg
MsgBox
ErrMsg
ErrMsg
FindSheet
MsgBox
CheckADsError
CheckADsError
MsgBox

gpedit

DllGetClassObject
DllCanUnloadNow
BrowseForGPO
ExportRSoPData

Sections

.text
Size: 1024B - Virtual size: 788B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 704B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 266B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.import
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 73B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE