0f7877ce57d5c91a4091c67b390dc274_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f7877ce57d5c91a4091c67b390dc274_JaffaCakes118
Size

634KB
MD5

0f7877ce57d5c91a4091c67b390dc274
SHA1

9c08fded04a1cf10ef61701c854b24f4ff2c91f8
SHA256

15dcde86f47d23b5e71f23752db92623eda29d7fb392a076ab29d0136821d9e9
SHA512

15c3eec5b812b6abc88a28c9f47e3c39f9234d71f6b143a661cc4ea3d4ef473fd9524efd6a15e4d5c4eb79a3a9c536dac0c2d8b345d8b9fa300a6f238f570d68
SSDEEP

12288:SzJKM+WdsUNzl4iaItQY+afif0jOH/Yue6BzD3nsM3n5JMq2NqsDoSBp+F:SKMbeiaIxXfif0Qk0T33nenO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f7877ce57d5c91a4091c67b390dc274_JaffaCakes118

Files

0f7877ce57d5c91a4091c67b390dc274_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f6831b32869e4d723e2bd378da33c4e0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
HeapCreate
GlobalFree
GetSystemDirectoryA
GetLocaleInfoA
GetCommandLineA
RaiseException
EnterCriticalSection
GetLastError
GetStdHandle
GetACP
SetErrorMode
GlobalAddAtomA
VirtualProtect
Sleep
GetFileAttributesA
GlobalDeleteAtom
LoadLibraryExA
CloseHandle
LockResource
GetLogicalDrives

user32

GetCursorPos
GetFocus
ShowWindow
ValidateRect
IsIconic
GetMenuItemInfoA
GetWindow
SetForegroundWindow
wsprintfA
GetParent
ReleaseDC
GetClassNameA
GetWindowTextA
DrawTextA
GetActiveWindow
EndPaint
FrameRect
DrawEdge
BeginPaint

httpapi

HttpAddUrl
HttpCreateHttpHandle
HttpRemoveUrl
HttpTerminate
HttpInitialize

wshtcpip

WSHNotify

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ