f06ba60d6470fb76777cddf7e6a8d4a6_JaffaCakes118 | Triage

Sharing

General

Target

f06ba60d6470fb76777cddf7e6a8d4a6_JaffaCakes118
Size

317KB
MD5

f06ba60d6470fb76777cddf7e6a8d4a6
SHA1

d6545546ec453528fa2cb96306cd4fb86db08087
SHA256

c2565efd9c7d793da3f442c2f54dfd5c76eefd986b1c567d7dea94bb0515ddb9
SHA512

00e32156ee7361bf23c43ea78c7529f8e049a0ce5a20ae33d8e48ef9143d58ac849e554c6a5ad2393ce2e572549304127cf87d73724fb5e85a5a385cc305f1c8
SSDEEP

6144:7vSLeC/4nXA13lwjbjHMGcnr6hDLCF1bzzFD5BrOSMInBOwUsD1N:7vRnX5Hrlcnr6hDLstzzYSMaBOwUsRN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f06ba60d6470fb76777cddf7e6a8d4a6_JaffaCakes118

Files

f06ba60d6470fb76777cddf7e6a8d4a6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

47ae0129e1cbc165acdd52923d2d73ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteProfileStringA
SetConsolePalette
IsBadCodePtr
RaiseException
GetLastError
FreeConsole
EnterCriticalSection
CloseHandle
GlobalUnlock
lstrcpyA
GetStdHandle
LoadLibraryExA
GlobalAddAtomA
GetOEMCP
LoadResource
GlobalAddAtomA
DeleteAtom
LocalFree
HeapCreate
VirtualProtect
GlobalFree

user32

GetActiveWindow
DrawEdge
CloseWindow
ValidateRect
GetWindowTextLengthA
IsIconic
GetDC
ShowWindow
GetClassInfoExA
ReleaseDC
GetWindowTextA
EndPaint
GetParent
BeginPaint
AlignRects
GetFocus
GetWindow
GetForegroundWindow
GetClassNameA

mprapi

MprAdminUserGetInfo
MprAdminUserRead
MprAdminUserWrite
MprAdminUserClose
MprAdminUserOpen

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ