28697c0af331479b6ce7b98cd6033df4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28697c0af331479b6ce7b98cd6033df4_JaffaCakes118
Size

638KB
MD5

28697c0af331479b6ce7b98cd6033df4
SHA1

a4c17fce189b38e5ea40f7430811e8a4bae61a28
SHA256

d443f0f50637ab30052a486e2242d6bac1d0237732d4a2c1b6c805eb4ff4cb5e
SHA512

1ca8aca041898905a805690761d7eb59bb15f7efdae43de9f79dbba726aa3b00540e7e215e8268d0544ccbf78db4eb970a1b4db764d8c52a449ad03cb5455bb1
SSDEEP

12288:C2au1U9n70GBl0tfyb2UlCjmlc+xjzZt7Rt8tC4IvSWMPOsoX1UKNGWL:bauSR5B6tf22kCj2xvjdt88X5s+1eWL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28697c0af331479b6ce7b98cd6033df4_JaffaCakes118

Files

28697c0af331479b6ce7b98cd6033df4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cf61e33c47b051e51b4d7bed16b6bf94

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
HeapCreate
GlobalUnlock
GetStdHandle
WaitForSingleObject
GetModuleHandleA
GetCommandLineA
GetSystemDefaultLangID
CloseHandle
WaitForMultipleObjects
InterlockedExchange
GetVersion
GetProfileIntA
LoadLibraryExA
GetConsoleCP
TlsFree
VirtualProtect
lstrlenA
HeapReAlloc
GetTickCount
AddAtomA

user32

GetDlgItem
SubtractRect
GetKeyboardLayout
UpdateWindow
InsertMenuA
PaintDesktop
CreateCaret
PostMessageA
GetKeyState
GetWindowTextA
TranslateMessage
ModifyMenuA
ShowWindow
CreateCursor
DialogBoxParamA
SetWindowPos
FindWindowA
DispatchMessageA
EqualRect
EnableScrollBar
SetPropA
GetMenuStringA
MessageBoxA
CopyRect
DestroyMenu

atl

AtlGetVersion
AtlModuleInit
AtlAdvise
AtlSetErrorInfo
AtlUnadvise

dnsapi

DnsStatusString

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 600KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ