1a48d672929f9c0261871a02e633fddc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1a48d672929f9c0261871a02e633fddc_JaffaCakes118
Size

312KB
MD5

1a48d672929f9c0261871a02e633fddc
SHA1

fbe70ddb64717ed5ff92ef04e528a35aad664ba0
SHA256

f0f51f328edc0ef97fb95eeff33cd847a473c503ae8d41196711eab0c6488fde
SHA512

eacb4ef1e12f2a3d80559146a3d2f33e1134a4ec33d80793c42608e20f6f95be16077d7989fd4a27241ab83f37c1c48b67a67d836a2a46a765008582954e5d1b
SSDEEP

6144:CB4U8SZ6FFZGjaCLoOAG99sAEa4LZtz5ft13ZC11b2+Lh+679+y7Ul/WtBB+Wxa:HjCmFLCLXiAMN5l1k11b225l7Uy+U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a48d672929f9c0261871a02e633fddc_JaffaCakes118

Files

1a48d672929f9c0261871a02e633fddc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

83769c1c3b5fe130af21f5a0a520e925

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
LoadLibraryExA
InterlockedExchange
GetStdHandle
GlobalFree
Sleep
ReleaseMutex
GetLogicalDrives
CloseHandle
GetSystemDirectoryA
GetLocaleInfoA
GetACP
GetCommandLineA
ResetEvent
HeapCreate
FindFirstFileA
GetLastError
SetErrorMode
EnterCriticalSection
SetEvent
VirtualProtect

user32

ValidateRect
GetCursorPos
GetParent
FlashWindowEx
ShowWindow
GetClassNameA
EndPaint
GetActiveWindow
DrawTextA
FillRect
GetWindow
FrameRect
IsIconic
BeginPaint
GetWindowTextA
ReleaseDC
GetFocus
SetForegroundWindow
wsprintfA

httpapi

HttpInitialize
HttpCreateHttpHandle
HttpAddUrl
HttpTerminate
HttpAddFragmentToCache

winhttp

WinHttpOpen

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ