02448c27e483e9ad6024f1c569a5ccce_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

02448c27e483e9ad6024f1c569a5ccce_JaffaCakes118
Size

16KB
MD5

02448c27e483e9ad6024f1c569a5ccce
SHA1

19eedf5814e15e4d4ada1f53f4550c33df9500ee
SHA256

4b25eed2670373fe484259e9cb27cb9824341f6d0723144a95d72341caa800cd
SHA512

e9a54e8c394792137bfdb7e77ade535d1f69800d88b8b2ecc086900701060d082434b5ab5cc1433de401ef9a6e49ffdb07ccf1780a94497b03401021dc95f2b8
SSDEEP

192:J6YwF12SwsAtbY8vZHX2BCNwnYhqCOR9c6GO1KuRJUc:JdwF12EA1LZHmIwnYJevJUc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02448c27e483e9ad6024f1c569a5ccce_JaffaCakes118

Files

02448c27e483e9ad6024f1c569a5ccce_JaffaCakes118
.exe windows:4 windows x86 arch:x86

466ec246a1e1537843f60a30c39831cf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
IsDBCSLeadByte
GetProcessTimes
lstrcatA
GetModuleHandleA
AreFileApisANSI
GetNumberOfConsoleMouseButtons
OutputDebugStringA
ResetEvent
lstrcpyA
GetConsoleCP
EnumCalendarInfoA
GetConsoleInputWaitHandle
TlsFree
GetUserDefaultLangID
VirtualAlloc
GetThreadLocale
GetOEMCP
PulseEvent
GetProcessVersion
GetExitCodeThread

user32

CloseWindow
ReleaseDC
GetDC
ValidateRect
GetActiveWindow
RegisterClassA
IsWindowVisible
GetClassNameA
GetForegroundWindow
GetWindow
GetSystemMetrics
ShowWindow
GetWindowTextLengthA
GetWindowTextA
GetClassInfoExA
InvalidateRect
ReleaseDC
IsIconic
GetFocus

tapi32

MMCInitialize
MMCShutdown
MMCSetPhoneInfo
MMCSetLineInfo
MMCSetServerConfig

mlang

DllGetClassObject

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ