f79c99857e7942791507cd28321f4da6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f79c99857e7942791507cd28321f4da6_JaffaCakes118
Size

316KB
MD5

f79c99857e7942791507cd28321f4da6
SHA1

8e70d1cc3e9ae4ef3ef4fe14e0f5f9f5b296dda8
SHA256

e4a2adb0b5d05ea96d1189edffd93b36e9f5d8369937974df9fe83580ed0bce9
SHA512

f9274c2d1a6b2d4fb26f4123a5f016cab4b814e488a3a7bc2614231963e54bcc51d86c3785c1a4fcadb751f6aab0cf86c7b8da26364edc8c4a93d5ba1bbbbda6
SSDEEP

6144:B8BmLHC9+7SxhjmqsfGCIUZXiwRlDzgnJOGHhZ9al5YgvysriJOh:B6h5mf3I2iwDzgn3Y5h6sriJ2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f79c99857e7942791507cd28321f4da6_JaffaCakes118

Files

f79c99857e7942791507cd28321f4da6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b177bed62ebc0a5053e513b99a458ca0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLogicalDrives
SetEvent
VirtualProtect
ResetEvent
GetSystemDirectoryA
HeapCreate
SetErrorMode
EnterCriticalSection
GetCommandLineA
CloseHandle
InterlockedExchange
GetStdHandle
GlobalFree
GetLastError
FindFirstFileA
RaiseException
GetACP
GetLocaleInfoA
LoadLibraryExA
Sleep
ReleaseMutex

user32

GetActiveWindow
ReleaseDC
EndPaint
GetFocus
GetWindow
FrameRect
wsprintfA
BeginPaint
ValidateRect
DrawTextA
SetForegroundWindow
GetWindowTextA
GetParent
GetClassNameA
IsIconic
ShowWindow
GetCursorPos
FlashWindowEx
FillRect

httpapi

HttpAddFragmentToCache
HttpCreateHttpHandle
HttpAddUrl
HttpInitialize
HttpTerminate

winhttp

WinHttpOpen

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ