21caf143cbfe1dbae6138f2c8340c07a_JaffaCakes118 | Triage

Sharing

General

Target

21caf143cbfe1dbae6138f2c8340c07a_JaffaCakes118
Size

635KB
MD5

21caf143cbfe1dbae6138f2c8340c07a
SHA1

e297d978178d42b00419ab79b6063deb70895c93
SHA256

0cd062bc20053b9a7386468fcbbf36c6176ae6835a1eac13fd3f266ebbd069ae
SHA512

ca15f6ae54fad86e0f40213cbd8599ebcc5df7f7378b1059323170206fd9858e22bc9c58e99b10344d83ef4f823acd2c434e1cfc9dcb0d91c0ffb0007eef25c7
SSDEEP

12288:YgtXADLZx1UPWq17TCmAdpRLBuGtfTSgjNI8O10GRq8CXcTcrrugWDrFhE:LX41IW8e7Z99BugZI8O10MLCpXug6hE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21caf143cbfe1dbae6138f2c8340c07a_JaffaCakes118

Files

21caf143cbfe1dbae6138f2c8340c07a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c60436ce8c09968a68fbfc3088031756

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
CloseHandle
FileTimeToLocalFileTime
EnterCriticalSection
GlobalDeleteAtom
GlobalAddAtomA
GetStdHandle
Sleep
GetCommandLineA
GetLogicalDrives
LoadLibraryExA
InterlockedExchange
HeapCreate
GetACP
SetErrorMode
LockResource
GlobalFree
RaiseException
VirtualProtect
IsBadReadPtr
GetLastError

user32

GetClassNameA
GetCursorPos
IsIconic
GetActiveWindow
GetParent
ReleaseDC
GetFocus
FrameRect
DrawEdge
GetWindowTextA
wsprintfA
GetMenuItemInfoA
BeginPaint
ShowWindow
ValidateRect
SetForegroundWindow
GetWindow
EndPaint
DrawTextA

httpapi

HttpTerminate
HttpRemoveUrl
HttpInitialize
HttpAddUrl
HttpCreateHttpHandle

msutb

GetPopupTipbar

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ