0e604e6f6bf778f051c5661e27acf30c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0e604e6f6bf778f051c5661e27acf30c_JaffaCakes118
Size

216KB
MD5

0e604e6f6bf778f051c5661e27acf30c
SHA1

095079286a5013cc36a6da2cf9b3cb6a0c1a8b4b
SHA256

27042d2246484eb40a5b8acb4a95c982bf7686a437889f30ea043bf1ec70bb3a
SHA512

8bdd885e0a5ce164bbe4f58272b93f316aa71ca23bb8cbfa2b642d684ce7407f8ef9559773b9ac5baf84865116c4035f58992d188e9ba88ea5c4f02f0b279232
SSDEEP

3072:d+1vxoGy9oqwrkC9wdwdSZbsp9GzQXrYtfEQO1tSmCrgV9NwCmC8Dq:drJhspkUXM/O1tSmHV7uCP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e604e6f6bf778f051c5661e27acf30c_JaffaCakes118

Files

0e604e6f6bf778f051c5661e27acf30c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fe937838d8ad94ccbc8a38055d4d1915

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteProfileStringA
CloseHandle
RaiseException
lstrcat
EnterCriticalSection
GlobalAddAtomA
GetStdHandle
LoadResource
VirtualProtect
GlobalAddAtomA
GetOEMCP
GlobalUnlock
HeapCreate
SetConsolePalette
IsBadCodePtr
LocalFree
LoadLibraryExA
FreeConsole
DeleteAtom
GetLastError
GlobalFree

user32

IsIconic
GetClassInfoExA
CloseWindow
GetClassNameA
ValidateRect
ShowWindow
GetParent
ReleaseDC
AlignRects
BeginPaint
GetWindowTextA
GetWindowTextLengthA
GetActiveWindow
GetDC
EndPaint
GetFocus
GetForegroundWindow
DrawEdge
GetWindow

mprapi

MprAdminUserWrite
MprAdminUserOpen
MprAdminUserRead
MprAdminUserGetInfo
MprAdminUserClose

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ