231125dbdaf432ac021b4a77dd556c3f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

231125dbdaf432ac021b4a77dd556c3f_JaffaCakes118
Size

317KB
MD5

231125dbdaf432ac021b4a77dd556c3f
SHA1

a97beb53a61dc8f62c761dcd1a05084d026b7a9e
SHA256

3f840e99d0b3d32048085f85ba127410c482e8f04c55e696b2d45060d5e4587f
SHA512

61023860087d58ac141f1a6474ba8e73dfb9160334ea5508082bdc8d1252d45f65a80937b6cefe6bf3cc2a56982030202444a5b47aa8192f0181ea66d026045a
SSDEEP

6144:RvSAeC/4nXA13lwjbjHMGcnr6hDLCF1bzzFD5BrOSMInBOwUsD1N:RvcnX5Hrlcnr6hDLstzzYSMaBOwUsRN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
231125dbdaf432ac021b4a77dd556c3f_JaffaCakes118

Files

231125dbdaf432ac021b4a77dd556c3f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

47ae0129e1cbc165acdd52923d2d73ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteProfileStringA
SetConsolePalette
IsBadCodePtr
RaiseException
GetLastError
FreeConsole
EnterCriticalSection
CloseHandle
GlobalUnlock
lstrcpyA
GetStdHandle
LoadLibraryExA
GlobalAddAtomA
GetOEMCP
LoadResource
GlobalAddAtomA
DeleteAtom
LocalFree
HeapCreate
VirtualProtect
GlobalFree

user32

GetActiveWindow
DrawEdge
CloseWindow
ValidateRect
GetWindowTextLengthA
IsIconic
GetDC
ShowWindow
GetClassInfoExA
ReleaseDC
GetWindowTextA
EndPaint
GetParent
BeginPaint
AlignRects
GetFocus
GetWindow
GetForegroundWindow
GetClassNameA

mprapi

MprAdminUserGetInfo
MprAdminUserRead
MprAdminUserWrite
MprAdminUserClose
MprAdminUserOpen

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ