0ce22c26d4f652e819c64ab3b68c7ce6_JaffaCakes118 | Triage

Sharing

General

Target

0ce22c26d4f652e819c64ab3b68c7ce6_JaffaCakes118
Size

415KB
MD5

0ce22c26d4f652e819c64ab3b68c7ce6
SHA1

0abb15f633592396788115086ff0774f33aa7ab0
SHA256

eee03092386cf62f141187c02493df7538bbd590724d59ff26938dd642f3f3c1
SHA512

63450e74332f7a38b6631b1b3af73c00fe56e98d8627cbddb82794db6f61a7f3ed32117b599eaad2465dae2bb8c4ec5044fdf76616fb5ee934d88afe22537b33
SSDEEP

12288:WZ6TIoft2yugll2jnAaeX6mXM3W4/Plf:WZ6glQlCn0X6X3WoNf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ce22c26d4f652e819c64ab3b68c7ce6_JaffaCakes118

Files

0ce22c26d4f652e819c64ab3b68c7ce6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

760a3c0dcc1c49911194f4969bdbcbac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalDeleteAtom
CloseHandle
GetCommandLineA
RaiseException
IsBadReadPtr
GetStdHandle
GetLogicalDrives
GlobalAddAtomA
LoadLibraryExA
GlobalFree
SetErrorMode
InterlockedExchange
HeapCreate
GetLastError
GetLocaleInfoA
GetACP
FileTimeToLocalFileTime
LockResource
EnterCriticalSection
VirtualProtect
Sleep

user32

GetCursorPos
BeginPaint
ValidateRect
ReleaseDC
GetClassNameA
GetActiveWindow
GetMenuItemInfoA
GetWindowTextA
wsprintfA
SetForegroundWindow
FrameRect
GetParent
DrawEdge
GetWindow
EndPaint
IsIconic
ShowWindow
DrawTextA
GetFocus

httpapi

HttpTerminate
HttpRemoveUrl
HttpInitialize
HttpCreateHttpHandle
HttpAddUrl

msutb

GetPopupTipbar

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ