0b1f52e06b1667acd975233e7d0e73fc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b1f52e06b1667acd975233e7d0e73fc_JaffaCakes118
Size

639KB
MD5

0b1f52e06b1667acd975233e7d0e73fc
SHA1

8b5cd6b8878f0fdc5425e1ee8a9ce89cddc7fec7
SHA256

19d4d2b0f0b5b5bf59bcbe5ba58bc744d52e510216cacfb6edea8e0547db2949
SHA512

00087a5fccdfa69cddb1456da3d0f736f308b19ecd9abbe6aa229aa5fb8e146ee750f78e240ae6a3b06f7cbe6e133e1c2ea74a0c857d9d478ef004a9960001b1
SSDEEP

12288:0bJe/cG76F93bLa65L2NczI9ORdJ8Cer30ZY4QoU25mTjWB+FTYjc:0wca6DLLa6FzI9ORdOCeAZYPtjWB+Fc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b1f52e06b1667acd975233e7d0e73fc_JaffaCakes118

Files

0b1f52e06b1667acd975233e7d0e73fc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fcc18c7a24b6b5f57585f97e381c3a28

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
SetEvent
SetErrorMode
GetLogicalDrives
VirtualProtect
GetLocaleInfoA
CloseHandle
ReleaseMutex
EnterCriticalSection
GetACP
Sleep
GetStdHandle
GetLastError
InterlockedExchange
FindFirstFileA
RaiseException
LoadLibraryExA
GetSystemDirectoryA
HeapCreate
GlobalFree
ResetEvent

user32

GetParent
IsIconic
BeginPaint
EndPaint
GetCursorPos
wsprintfA
GetActiveWindow
ShowWindow
FillRect
ValidateRect
GetClassNameA
FlashWindowEx
GetWindowTextA
GetFocus
DrawTextA
ReleaseDC
SetForegroundWindow
FrameRect
GetWindow

httpapi

HttpAddFragmentToCache
HttpCreateHttpHandle
HttpInitialize
HttpAddUrl
HttpTerminate

winhttp

WinHttpOpen

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ