2818a7bf5b7371355e3ea8e274a55b7a_JaffaCakes118 | Triage

Sharing

General

Target

2818a7bf5b7371355e3ea8e274a55b7a_JaffaCakes118
Size

43KB
MD5

2818a7bf5b7371355e3ea8e274a55b7a
SHA1

19005e9cfe921768555b65cc54de8cd74197a0b4
SHA256

bb96a3cc84a4a439cc717a0db5571993333f5f565a22b3d13fa25230d8ddbcfd
SHA512

9879e5d3029d5645fae7e44eb81496c0270bb0efca080d42833a9990d121b8eced5350f52e073a365464074d26fbf70a2238ca3c71fef6386fe632bed0dbeae2
SSDEEP

768:2r+gCIRPPWcjz1tSMoQHRqhq5VZ3fQRCw7fM9JR6R:G+gCIRPPWcrSMoQHwNR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2818a7bf5b7371355e3ea8e274a55b7a_JaffaCakes118

Files

2818a7bf5b7371355e3ea8e274a55b7a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7772b77738c55548f2c90c0557e5ded6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeFormatA
GetStdHandle
SizeofResource
GlobalAddAtomA
MultiByteToWideChar
SetErrorMode
Sleep
RaiseException
GlobalUnlock
GetPriorityClass
HeapCreate
GetACP
GetLastError
GlobalFree
EnterCriticalSection
VirtualProtect
GlobalDeleteAtom
LoadLibraryExA
SetConsoleCP
LockResource
CloseHandle

user32

GetWindowTextA
AnyPopup
EndPaint
ReleaseDC
GetWindow
GetMenuItemInfoA
GetCursorPos
DrawEdge
GetClassInfoExA
GetFocus
ShowWindow
ValidateRect
BeginPaint
GetClassNameA
GetActiveWindow
IsIconic
GetForegroundWindow
GetParent
DrawMenuBar

mprapi

MprAdminUserClose
MprAdminUserRead
MprAdminUserWrite
MprAdminUserOpen
MprAdminUserGetInfo

mapi32

MAPILogonEx

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 740KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ