1658caed7d02f712763b9b7161c1972b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1658caed7d02f712763b9b7161c1972b_JaffaCakes118
Size

415KB
MD5

1658caed7d02f712763b9b7161c1972b
SHA1

4eea51f5478a4a9b4aa842a6639298b71f0b76ea
SHA256

31fa9a5b22b842d80849d4b2b553a680b64a2e35e5a3deec6bc832a55e1f7ec6
SHA512

c7d6b206c2c200181947bd3deb532ad071ed5fbf7e5e542846b5b9b9db093638ddd299ecca3ad336bb106fa3424da84fad3d327c6b9c1f8638109c2fdf438249
SSDEEP

6144:G1ojUwD3TilJTq4y+ydvMQp7Tmd7xG8twYU42vw:GKowTWTq4yzd/tS7U8tEn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1658caed7d02f712763b9b7161c1972b_JaffaCakes118

Files

1658caed7d02f712763b9b7161c1972b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f3138b38be1bd53b33831e5855d47fd5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalDeleteAtom
RaiseException
LoadLibraryExA
GetACP
LockResource
GetLocaleInfoA
GlobalAddAtomA
InterlockedExchange
GetStdHandle
SetErrorMode
GetLogicalDrives
HeapCreate
GetSystemDirectoryA
CloseHandle
GlobalFree
GetLastError
VirtualProtect
Sleep
GetCommandLineA
EnterCriticalSection
GetFileAttributesA

user32

FrameRect
wsprintfA
DrawTextA
GetCursorPos
SetForegroundWindow
GetActiveWindow
GetMenuItemInfoA
GetClassNameA
IsIconic
GetFocus
GetParent
ValidateRect
BeginPaint
ShowWindow
DrawEdge
ReleaseDC
EndPaint
GetWindow
GetWindowTextA

httpapi

HttpCreateHttpHandle
HttpRemoveUrl
HttpAddUrl
HttpInitialize
HttpTerminate

wshtcpip

WSHNotify

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ