0b557e28f5e120ad644b48771bc30ceb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b557e28f5e120ad644b48771bc30ceb_JaffaCakes118
Size

317KB
MD5

0b557e28f5e120ad644b48771bc30ceb
SHA1

c283a9501e310cf14cd95cf9e5e68fe6ca31796f
SHA256

146a4099b134f6f653379e034f66bf76810fafe5a6746394d05cbca6ba1ab494
SHA512

66b9976363582ad1460ffe686c25d6a005d6729844453db5fe841bd2e55da9f7732f8073461890702d6e109c4ab9a68465ca58c5650f818e4f40a6f993c91bfb
SSDEEP

6144:kOAoeC/4nXA13lwjbjHMGcnr6hDLCF1bzzFD5BrOSMInBOwUsD1N:kOunX5Hrlcnr6hDLstzzYSMaBOwUsRN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b557e28f5e120ad644b48771bc30ceb_JaffaCakes118

Files

0b557e28f5e120ad644b48771bc30ceb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d44f61f877641e3a49e42d93edc83c5b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
EnterCriticalSection
CloseHandle
HeapCreate
GlobalUnlock
GlobalAddAtomA
LoadResource
GetOEMCP
WriteProfileStringA
lstrcat
GetLastError
LoadLibraryExA
DeleteAtom
SetConsolePalette
VirtualProtect
GlobalAddAtomA
RaiseException
GlobalFree
FreeConsole
LocalFree
IsBadCodePtr

user32

AlignRects
GetWindowTextLengthA
GetParent
ReleaseDC
GetActiveWindow
ShowWindow
DrawEdge
GetClassNameA
CloseWindow
ValidateRect
GetForegroundWindow
IsIconic
GetWindowTextA
BeginPaint
GetDC
EndPaint
GetFocus
GetWindow
GetClassInfoExA

mprapi

MprAdminUserRead
MprAdminUserWrite
MprAdminUserGetInfo
MprAdminUserOpen
MprAdminUserClose

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ