JaffaCakes118_7abb7d0fbfe56f5a3cc664f45087320e | Triage

Sharing

General

Target

JaffaCakes118_7abb7d0fbfe56f5a3cc664f45087320e
Size

120KB
MD5

7abb7d0fbfe56f5a3cc664f45087320e
SHA1

20904693efc83be4ea08ad14e84fec11f271a4dc
SHA256

98ed1fb7b1950348882246152fec924de0ef6bf8ea1fe26c54d46471b0eb8186
SHA512

a14500102f31bb4574243dd6d2ea7521dd4803c67b3f67aae59001f52bf55b0ce14026561cfb2d513f3bfb3c4fa3e6c9ee1757cbc1f37c8e01d0960ea58a6822
SSDEEP

3072:LPmcJaumOiShVzQ+mm4P8HV2A39hk9UNt/t:TdJaumOVA+mjB+Nt/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_7abb7d0fbfe56f5a3cc664f45087320e

Files

JaffaCakes118_7abb7d0fbfe56f5a3cc664f45087320e
.exe windows:4 windows x86 arch:x86

565d0cb471a1d577f8183bb8b41e542b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DisconnectNamedPipe
GetStdHandle
CopyFileW
GetFileAttributesA
CreatePipe
HeapCreate
GetCurrentDirectoryA
ReleaseMutex
CloseHandle
IsDebuggerPresent
WriteConsoleW
WriteConsoleW
GetModuleHandleA
GetPriorityClass
SetEvent
lstrcpyW
GetLastError
lstrlenW
GetStartupInfoA
WriteConsoleW
ClearCommBreak

msftedit

SetCustomTextOutHandlerEx
RichEditWndProc
RichListBoxWndProc
RichComboBoxWndProc

shell32

DragAcceptFiles
SHGetMalloc
ExtractIconA
DragQueryFileA
ShellMessageBoxA
SHGetDiskFreeSpaceA
SHGetDiskFreeSpaceA
DuplicateIcon
ShellMessageBoxA
SHGetMalloc
ShellAboutA
StrChrA
SHGetSettings

msasn1

ASN1BERDecBool

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.orpc
Size: 512B - Virtual size: 115B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ