2f1ff8bcd3b9d52c926c1985bd3b864e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2f1ff8bcd3b9d52c926c1985bd3b864e_JaffaCakes118
Size

311KB
MD5

2f1ff8bcd3b9d52c926c1985bd3b864e
SHA1

71529969ced7ff54c38ddf35f78f12a664ba064e
SHA256

4203a31839b42362857a2adb1d43ee34382184642125106c6eba347458406949
SHA512

e11013f2e9a0226e9afa57b977ada0d499a51eb5839b78acae94e0481780b3b94ee91088321cff1822c99e4420604a521506c034e1ced60643a815704e7fdfc5
SSDEEP

6144:rB4U8SZ6FFZGjaCLoOAG99sAEa4LZtz5ft13ZC11b2+Lh+679+y7Ul/WtBB+Wxa:2jCmFLCLXiAMN5l1k11b225l7Uy+U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f1ff8bcd3b9d52c926c1985bd3b864e_JaffaCakes118

Files

2f1ff8bcd3b9d52c926c1985bd3b864e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

543e18224915aaf91e0f3d1843857489

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
ResetEvent
SetErrorMode
VirtualProtect
EnterCriticalSection
HeapCreate
FindFirstFileA
GetACP
GetStdHandle
GetLastError
ReleaseMutex
RaiseException
GlobalFree
GetCommandLineA
LoadLibraryExA
CloseHandle
GetLogicalDrives
GetLocaleInfoA
SetEvent
Sleep
GetSystemDirectoryA

user32

FillRect
GetFocus
FlashWindowEx
GetActiveWindow
GetWindow
GetWindowTextA
ValidateRect
GetParent
ReleaseDC
ShowWindow
FrameRect
SetForegroundWindow
IsIconic
GetClassNameA
GetCursorPos
EndPaint
BeginPaint
wsprintfA
DrawTextA

httpapi

HttpAddUrl
HttpTerminate
HttpCreateHttpHandle
HttpInitialize
HttpAddFragmentToCache

winhttp

WinHttpOpen

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ