JaffaCakes118_174ed39dd8c86cb8c42c3ab27aca5f10 | Triage

Sharing

General

Target

JaffaCakes118_174ed39dd8c86cb8c42c3ab27aca5f10
Size

86KB
MD5

174ed39dd8c86cb8c42c3ab27aca5f10
SHA1

10b54f5c424d89a2bdd4b60bdb7000663628b2f9
SHA256

f000dc62a3ea2b4f89dfb827744b7470ced4fe9af7561207d17f100e42856f37
SHA512

a2a9b71b84a93976635cb20e6fdab0ee186823cb2d9bd68261b89d2e2e89097a4971e5184bb941f1072bcc89ce6910e9b621d81a6211d80bfb38d3e978d94eb7
SSDEEP

1536:nhb2ThTpQSgxVQK/+z4e/4vsG2g9HXW1K:OhOxVx+Ee/GA2XW0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_174ed39dd8c86cb8c42c3ab27aca5f10

Files

JaffaCakes118_174ed39dd8c86cb8c42c3ab27aca5f10
.exe windows:5 windows x86 arch:x86

84c3bb53f05578214bb5e30870197d44

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetEnvironmentStringsW
GetFileSize
CreateDirectoryW
ReadConsoleW
CreateDirectoryA
OpenMutexA
SetEvent
CreateFileA
DeleteFileA
GetFileAttributesW
lstrlenA
GetStartupInfoA
WriteConsoleA
GetProcessHeap
GetModuleFileNameA
SetLastError
SetLastError
HeapSize
OpenSemaphoreA
GlobalFree
GetTickCount
CloseHandle
Sleep
VirtualProtect

user32

DispatchMessageA
IsWindow
FindWindowA
CallWindowProcW
SetFocus
PeekMessageA
DrawTextW
DispatchMessageA
IsZoomed
DestroyMenu
GetSysColor
GetClassInfoA
GetWindowLongA

xolehlp

DtcGetTransactionManagerC
DtcGetTransactionManagerEx
GetDtcLocaleResourceHandle
DtcGetTransactionManager

advapi32

RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE