276420397dfb20f4437e9f2e9c087861_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

276420397dfb20f4437e9f2e9c087861_JaffaCakes118
Size

97KB
MD5

276420397dfb20f4437e9f2e9c087861
SHA1

46151f1692b86a9661a756294ca5f7245e70f678
SHA256

b125da9680c411f7d88078d72134fcb083936b3284e7fdff6e1d6c72d3e52949
SHA512

9e43c42339409e6d4d689058b6c82855d551e0657e4568c7df4656d6e3bcd519519c4718560e11e86362d23e2bb5d01cfdfe8e98731303a3a7390dd63adb1f66
SSDEEP

1536:h77raVWSlxUizD9LjSZkwa0Ak5KHaclyvHxKuqYaPMK8jqdhPOVgUDk7x/J0M+x5:h7gZUiz1+kwik5KHCKudK8IsRk4HBd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
276420397dfb20f4437e9f2e9c087861_JaffaCakes118

Files

276420397dfb20f4437e9f2e9c087861_JaffaCakes118
.exe windows:4 windows x86 arch:x86

69ea1f6c3c6a658702f49426c4a279ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsFree
SetEvent
GetExitCodeThread
GetThreadLocale
AddAtomA
GetThreadPriority
GetHandleContext
GetThreadTimes
IsDBCSLeadByte
GetLargestConsoleWindowSize
CompareStringA
ReleaseMutex
CancelWaitableTimer
GetConsoleCP
TlsGetValue
GetOEMCP
VirtualAlloc
GetUserDefaultLangID
GetModuleHandleA
CreatePipe
CreateMutexA

user32

GetWindow
ReleaseDC
GetSystemMetrics
RegisterClassA
IsWindowVisible
ShowWindow
GetClassNameA
ValidateRect
CloseWindow
GetForegroundWindow
GetClassInfoExA
IsIconic
GetWindowTextLengthA
ReleaseDC
InvalidateRect
GetActiveWindow
GetFocus
GetDC
GetWindowTextA

tapi32

MMCShutdown
MMCSetServerConfig
MMCSetPhoneInfo
MMCSetLineInfo
MMCInitialize

wldap32

ldap_add

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 968KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ