279a06d0e2ed1c71dc7825ea52e92c3b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

279a06d0e2ed1c71dc7825ea52e92c3b_JaffaCakes118
Size

381KB
MD5

279a06d0e2ed1c71dc7825ea52e92c3b
SHA1

85c4168c0580840e7dcda9e266092032aee13b04
SHA256

ecc925f65de093fe21e9f6bd7371eb3f868b8198bb61afa52f36260d94a954aa
SHA512

8d712d1dc75db7b8615070eeda3f2ea9f4b5ae81c562ea17ec90f52156b09e570caf5c144414a7b23a42e3a16ae623dd9d1a7bca3a0795a05c2b320e4d89f962
SSDEEP

6144:7cwuO3NYDsNAdnQWMAN6l5yjiqXRZtWpfvxs5kiha0Al3EsRy2LaQt:7c7O3N50BMukyHgG51A5WQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
279a06d0e2ed1c71dc7825ea52e92c3b_JaffaCakes118

Files

279a06d0e2ed1c71dc7825ea52e92c3b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cd560bdc0a47b15e028f884ada121410

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
CloseHandle
GlobalAddAtomA
GetStdHandle
LockResource
VirtualProtect
EnterCriticalSection
InterlockedExchange
HeapCreate
GlobalDeleteAtom
LoadLibraryExA
GetACP
GetLastError
GlobalUnlock
RaiseException
SetErrorMode
GetLocaleInfoA
GetDriveTypeA
Sleep
SetConsoleCP
FoldStringA

user32

GetCursorPos
CharToOemBuffA
DrawEdge
EndPaint
GetWindow
GetParent
GetActiveWindow
ReleaseDC
SetForegroundWindow
ClipCursor
ShowWindow
IsIconic
BeginPaint
ValidateRect
GetFocus
GetWindowTextA
GetMenuItemInfoA
DrawTextA
GetClassNameA

version

VerQueryValueA
GetFileVersionInfoA
VerFindFileA
VerInstallFileA
GetFileVersionInfoSizeA

rasadhlp

WSAttemptAutodialName

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 704KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ