278284bdf949d9e8364b0d404f55cd3a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

278284bdf949d9e8364b0d404f55cd3a_JaffaCakes118
Size

317KB
MD5

278284bdf949d9e8364b0d404f55cd3a
SHA1

c97156bc3985d9a86e2429a11fe0dc165a3aff0a
SHA256

d3ec537a48ab5690da2f6ca798fe235b9034e989313e924fe4d0035769c33bf1
SHA512

6c90738f2a76f21cca1922466b1f5be6d79d05e6d04e38c1abcd7c5324182d80ef52ba90df5a0a019f0e0b24aae4d455476785466467148d6fa3ff01be20bf63
SSDEEP

6144:rCCieC/4nXA13lwjbjHMGcnr6hDLCF1bzzFD5BrOSMInBOwUsD1N:rC+nX5Hrlcnr6hDLstzzYSMaBOwUsRN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
278284bdf949d9e8364b0d404f55cd3a_JaffaCakes118

Files

278284bdf949d9e8364b0d404f55cd3a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

79603afc1ae788f34b36a0a8511fb52c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAddAtomA
lstrcpyA
WriteProfileStringA
CloseHandle
IsBadCodePtr
LocalFree
GetLastError
VirtualProtect
GlobalUnlock
DeleteAtom
SetConsolePalette
EnterCriticalSection
GetACP
FreeConsole
GetStdHandle
GlobalFree
LoadResource
LoadLibraryExA
RaiseException
HeapCreate
GlobalAddAtomA

user32

AlignRects
GetWindowTextLengthA
GetForegroundWindow
GetWindow
EndPaint
BeginPaint
CloseWindow
GetDC
GetClassInfoExA
GetFocus
GetParent
GetWindowTextA
ShowWindow
ValidateRect
DrawEdge
IsIconic
GetClassNameA
GetActiveWindow
ReleaseDC

mprapi

MprAdminUserWrite
MprAdminUserRead
MprAdminUserOpen
MprAdminUserGetInfo
MprAdminUserClose

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ