28820613f1fa595d5d26cfb347431408_JaffaCakes118 | Triage

Sharing

General

Target

28820613f1fa595d5d26cfb347431408_JaffaCakes118
Size

185KB
MD5

28820613f1fa595d5d26cfb347431408
SHA1

8bd2af87f46de6181df09294ff561e79e11a8e90
SHA256

120ea53a98967e6b087cfdc1831cc955f092447fb485cd5bfee3917279ea6fd8
SHA512

8186c2ce88ca4c224bc3ba041a9f039015b4489aa55ad6fc5bb3f74ea4b03a76e151a138ae33d9edc78a032c46343fb463f2b2f568a72155bc3886a29ce35e5b
SSDEEP

3072:7EONb6UkZ1nA3o4WX8ZRImnNkGmGDKr9OHyugllYlPeunbXTAYzFAaeSCf7+LmGR:7rNb6U4IokZRIh0KJ2yugllYtxbXc8AA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28820613f1fa595d5d26cfb347431408_JaffaCakes118

Files

28820613f1fa595d5d26cfb347431408_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e0707aef571df96ab6f4fa80c80418dc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
GetLocaleInfoA
FileTimeToLocalFileTime
GetCommandLineA
GlobalAddAtomA
LoadLibraryExA
VirtualProtect
GetACP
GlobalDeleteAtom
GlobalFree
IsBadReadPtr
CloseHandle
GetLastError
Sleep
LockResource
GetLogicalDrives
InterlockedExchange
SetErrorMode
RaiseException
GetStdHandle
HeapCreate

user32

GetWindow
IsIconic
wsprintfA
ShowWindow
ValidateRect
DrawEdge
GetParent
GetWindowTextA
GetCursorPos
SetForegroundWindow
GetMenuItemInfoA
GetFocus
GetActiveWindow
GetClassNameA
DrawTextA
FrameRect
ReleaseDC
BeginPaint
EndPaint

httpapi

HttpTerminate
HttpInitialize
HttpAddUrl
HttpCreateHttpHandle
HttpRemoveUrl

msutb

GetPopupTipbar

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ