2735ecab2efb1f06a806f3d0a4d99a59_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2735ecab2efb1f06a806f3d0a4d99a59_JaffaCakes118
Size

634KB
MD5

2735ecab2efb1f06a806f3d0a4d99a59
SHA1

fbcacb3c47af458db8bbb8e54598c8a26ac00d53
SHA256

24b7f62be0da2db5dc67aa8691a23a5074edef7fd96e98cd908be7ff833e5c55
SHA512

c714e9ff9ca3dc318d002f51965d3907d83a904b27d5bb36fbe2135e28cefffcc9b0273d4e825e875872abe6f66769a78bce736bf0c716ec80dfb06eb053e59c
SSDEEP

12288:WXyZ9OB1+rvybfo7LMarxx0mMlUBd8T6+o/jxUSGh/DzZc:Wmqvfygc8uBE6+OjaQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2735ecab2efb1f06a806f3d0a4d99a59_JaffaCakes118

Files

2735ecab2efb1f06a806f3d0a4d99a59_JaffaCakes118
.exe windows:4 windows x86 arch:x86

46fc8b6f6b437e8afdc80fe62276eb59

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
InterlockedExchange
GetStdHandle
VirtualProtect
GlobalFree
GetSystemDirectoryA
CloseHandle
HeapCreate
GetLastError
GetFileAttributesExA
GetACP
RaiseException
LoadLibraryExA
GetLocaleInfoA
LockResource
GlobalAddAtomA
SetErrorMode
EnterCriticalSection
GetLogicalDrives
GlobalAddAtomA
Sleep

user32

wsprintfA
FillRect
EndPaint
SetForegroundWindow
GetWindowTextA
DrawTextA
BeginPaint
GetParent
ValidateRect
GetActiveWindow
FrameRect
ShowWindow
ReleaseDC
GetCursorPos
GetWindow
FlashWindowEx
GetFocus
IsIconic
GetClassNameA

httpapi

HttpAddUrl
HttpInitialize
HttpTerminate
HttpCreateHttpHandle
HttpAddFragmentToCache

winhttp

WinHttpOpen

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ