f1c2a389a8ac4d29efc67f126b6e14d7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f1c2a389a8ac4d29efc67f126b6e14d7_JaffaCakes118
Size

416KB
MD5

f1c2a389a8ac4d29efc67f126b6e14d7
SHA1

0f05cb3cf3164aaa880f41a0f8759f0678286019
SHA256

e12eb19feed8df2587d509c03d63627c62cea01b45c5f06787b417f432c74402
SHA512

93ce93582737711e57fb1190d81172e7fd87c2c9187e0f2a9d7e6128f8cbbd58d383ee4b0e9cf7cae2ca4234a2c40d5feaf9b901db512c6b4438276777752c8e
SSDEEP

6144:e6b2I7dBJY+l8EAnddMJfnDnDYiktjAg2SDj2uqLUITtjtz:e6qIprYLsr0iktjrpDSFJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f1c2a389a8ac4d29efc67f126b6e14d7_JaffaCakes118

Files

f1c2a389a8ac4d29efc67f126b6e14d7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fc0958f75f8c824cd07ab3c7cf8d58e6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
LockResource
GetLocaleInfoA
LoadLibraryExA
HeapCreate
GetSystemDirectoryA
GetLogicalDrives
SetErrorMode
RaiseException
GlobalFree
GlobalAddAtomA
GetStdHandle
GlobalAddAtomA
Sleep
EnterCriticalSection
CloseHandle
GetLastError
GetCommandLineA
InterlockedExchange
GetFileAttributesExA
VirtualProtect

user32

FrameRect
GetWindow
FlashWindowEx
GetCursorPos
BeginPaint
GetWindowTextA
ReleaseDC
GetActiveWindow
FillRect
DrawTextA
GetParent
ShowWindow
GetFocus
IsIconic
wsprintfA
ValidateRect
EndPaint
GetClassNameA
SetForegroundWindow

httpapi

HttpCreateHttpHandle
HttpInitialize
HttpAddFragmentToCache
HttpTerminate
HttpAddUrl

winhttp

WinHttpOpen

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ