17da39c880b01cdc3a5eaad626d7e768_JaffaCakes118 | Triage

Sharing

General

Target

17da39c880b01cdc3a5eaad626d7e768_JaffaCakes118
Size

416KB
MD5

17da39c880b01cdc3a5eaad626d7e768
SHA1

8660ff6686a406fd54b98bc908e21a0aca5464a1
SHA256

c9d3cc1d785d9e30e9bc15591bab03090fd88b1ed357b24ae9be4f122826da65
SHA512

a60ae4536ce3f921f513055e8430d585c46d326bacae4697223b1b2a831f8e571ab7f4d520513462753b13452171e0286c56e6296b632bdef47df3bc95313026
SSDEEP

12288:MZ6TIoft2yugll2jnAaeX6mXM3W4/Plf:MZ6glQlCn0X6X3WoNf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17da39c880b01cdc3a5eaad626d7e768_JaffaCakes118

Files

17da39c880b01cdc3a5eaad626d7e768_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b35bd17c5e3275e0c34c9a0b280c32a9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
GetLocaleInfoA
IsBadReadPtr
GlobalAddAtomA
GlobalFree
GetStdHandle
GetCommandLineA
GetLastError
GlobalDeleteAtom
SetErrorMode
LockResource
CloseHandle
EnterCriticalSection
FileTimeToLocalFileTime
GetLogicalDrives
VirtualProtect
InterlockedExchange
Sleep
RaiseException
LoadLibraryExA
GetACP

user32

SetForegroundWindow
EndPaint
GetFocus
BeginPaint
GetWindow
wsprintfA
FrameRect
GetWindowTextA
DrawEdge
GetMenuItemInfoA
GetClassNameA
GetCursorPos
DrawTextA
GetActiveWindow
IsIconic
GetParent
ReleaseDC
ValidateRect
ShowWindow

httpapi

HttpRemoveUrl
HttpTerminate
HttpInitialize
HttpCreateHttpHandle
HttpAddUrl

msutb

GetPopupTipbar

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ