1a65a59c9022f7a3393627b8fcfbaf25_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1a65a59c9022f7a3393627b8fcfbaf25_JaffaCakes118
Size

208KB
MD5

1a65a59c9022f7a3393627b8fcfbaf25
SHA1

1419e3cbb3264175b2cb755798f95c85c7fee905
SHA256

00fe9fe3448c6008361804bcb4adb75d7eb93d25943a663b5a471e83bec7e250
SHA512

701f14e3734d1b786a1ef961d015d8647b551d12005cb891c28cf986cf491dde245eea19a3108c3336f9fe2a895912bd471e5dcb101aa8d4c99c7174eaa5368e
SSDEEP

3072:LHBZcrS1jYbRIT71g/x2izD0ZYXwjeeYzymjYFtKdgrwn7RiZA2/jUB:LhZCbRKBGx2OEYwjMnYKdgy2IB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a65a59c9022f7a3393627b8fcfbaf25_JaffaCakes118

Files

1a65a59c9022f7a3393627b8fcfbaf25_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f19d09ce2f282a9ef11fc58cb898e94c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForMultipleObjects
WaitForSingleObject
InterlockedExchange
VirtualProtect
LoadLibraryExA
GetSystemDefaultLangID
HeapReAlloc
GlobalUnlock
GetVersion
HeapCreate
GetStdHandle
GetModuleHandleA
CompareFileTime
SuspendThread
AddAtomA
GetConsoleCP
CloseHandle
GetCommandLineA
GetProfileIntA
GetTickCount
lstrlenA

user32

CreateCaret
PaintDesktop
ModifyMenuA
GetKeyState
DestroyMenu
MessageBoxA
PostMessageA
GetMenuStringA
DrawCaption
IsDialogMessage
DialogBoxParamA
SubtractRect
CreateCursor
SetPropA
FindWindowA
GetWindowTextA
GetKeyboardLayout
InsertMenuA
DispatchMessageA
TranslateMessage
EnableScrollBar
GetDlgItem
EqualRect
CopyRect
SetWindowPos

netapi32

DsRoleCancel
DsGetDcOpenA
DsGetDcNextA
DsGetDcNameA
DsRoleFreeMemory

dnsapi

DnsStatusString

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 816KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ