08970fe7959220239eb1dac9fc571c7d_JaffaCakes118 | Triage

Sharing

General

Target

08970fe7959220239eb1dac9fc571c7d_JaffaCakes118
Size

317KB
MD5

08970fe7959220239eb1dac9fc571c7d
SHA1

2c786cd6247ff08b5fcbe387f05b3d22683e54bc
SHA256

08f0dcdef1030e05fadbbd439b0855bd229857e122b47c69fa5f55b26fa8a630
SHA512

1e37044eb7cceb97183c9294121f397e9538abeb686749148e581579d5ba399ef1e3b217a764935bbe6ad9923919df117ed185a09b9b76a35e7f2b57adcd9eac
SSDEEP

6144:5TGqeC/4nXA13lwjbjHMGcnr6hDLCF1bzzFD5BrOSMInBOwUsD1N:5TenX5Hrlcnr6hDLstzzYSMaBOwUsRN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08970fe7959220239eb1dac9fc571c7d_JaffaCakes118

Files

08970fe7959220239eb1dac9fc571c7d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

626d8e56d8968305f17cce778dedf096

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteAtom
GlobalAddAtomA
LocalFree
LoadResource
CloseHandle
EnterCriticalSection
GlobalUnlock
GetLastError
HeapCreate
RaiseException
GetACP
GlobalFree
FreeConsole
SetConsolePalette
GlobalAddAtomA
WriteProfileStringA
IsBadCodePtr
GetStdHandle
VirtualProtect
lstrcpyA
LoadLibraryExA

user32

GetParent
GetWindow
ShowWindow
GetDC
GetClassInfoExA
IsIconic
BeginPaint
AlignRects
GetWindowTextLengthA
GetForegroundWindow
GetActiveWindow
GetClassNameA
EndPaint
GetWindowTextA
GetFocus
CloseWindow
DrawEdge
ValidateRect
ReleaseDC

mprapi

MprAdminUserOpen
MprAdminUserRead
MprAdminUserWrite
MprAdminUserClose
MprAdminUserGetInfo

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ