05c75de8671de367c34691c513e0bf3f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

05c75de8671de367c34691c513e0bf3f_JaffaCakes118
Size

312KB
MD5

05c75de8671de367c34691c513e0bf3f
SHA1

31dcd7d84262ec1cfa66eb384bad7486818d5131
SHA256

c49f74b0550df7ff1ade39ef15ca7a3a2361aecfc5aaaf379cbad4dbcde2cf53
SHA512

5c2d53f00da08cabc7086a6b27b1dd7a890d3181e067a6f4c1ec892fdaf45701db2719a2841fde6281204bca287842391b71ab67da471afe81aa1a6f02c24f04
SSDEEP

6144:4Ud+NsHYcfGkNdCEW/gh95Re3YIAR6y0SROGN+4PrVAuJq:4Ud+uH3fGoCEW/49zwdGI4PrVAQq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05c75de8671de367c34691c513e0bf3f_JaffaCakes118

Files

05c75de8671de367c34691c513e0bf3f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a60d0fc8a3a9c7f1016c3650183d212a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToLocalFileTime
CloseHandle
InterlockedExchange
GetDriveTypeA
VirtualProtect
GetACP
GetLocaleInfoA
LoadLibraryExA
RaiseException
GlobalDeleteAtom
Sleep
SetErrorMode
SetConsoleOutputCP
HeapCreate
GetLastError
LockResource
IsBadReadPtr
EnterCriticalSection
GetStdHandle
GlobalAddAtomA
GlobalFree

user32

GetMenuItemInfoA
DrawEdge
ValidateRect
ClipCursor
GetCursorPos
GetWindow
GetParent
GetWindowTextA
ReleaseDC
GetFocus
BeginPaint
SetForegroundWindow
GetClassNameA
IsIconic
EndPaint
ShowWindow
GetActiveWindow
DrawTextA
wsprintfA

httpapi

HttpInitialize
HttpRemoveUrl
HttpCreateHttpHandle
HttpTerminate
HttpAddUrl

msutb

GetPopupTipbar

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ