3022406bce6db4297412802ef18e2b33_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3022406bce6db4297412802ef18e2b33_JaffaCakes118
Size

317KB
MD5

3022406bce6db4297412802ef18e2b33
SHA1

5fc09f57f242a66db75b52f5de12d6be215e4278
SHA256

d2fac60d802c015c0eb9a2786876cd8795885be624ce4a1111dc216ab52c17d0
SHA512

5c40344efa42cca85eb9588a25a08af7fe7b1858a3d11476b21c82d2fa330db78bcac586585bafc433513b21c0353846952c21ccfb18e94faa1510b9fdd4d621
SSDEEP

6144:NHHIeC/4nXA13lwjbjHMGcnr6hDLCF1bzzFD5BrOSMInBOwUsD1N:NH5nX5Hrlcnr6hDLstzzYSMaBOwUsRN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3022406bce6db4297412802ef18e2b33_JaffaCakes118

Files

3022406bce6db4297412802ef18e2b33_JaffaCakes118
.exe windows:4 windows x86 arch:x86

13611997ebb3a105a344a9d399a543bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
EnterCriticalSection
FreeConsole
RaiseException
GlobalUnlock
DeleteAtom
GlobalAddAtomA
IsBadCodePtr
CloseHandle
SetConsolePalette
GetStdHandle
LoadResource
VirtualProtect
GetOEMCP
WriteProfileStringA
GlobalFree
GlobalAddAtomA
LocalFree
LoadLibraryExA
GetLastError
lstrcat

user32

GetClassNameA
DrawEdge
GetActiveWindow
ReleaseDC
AlignRects
BeginPaint
GetFocus
GetForegroundWindow
GetWindow
GetWindowTextLengthA
ValidateRect
CloseWindow
GetClassInfoExA
IsIconic
GetWindowTextA
GetParent
GetDC
EndPaint
ShowWindow

mprapi

MprAdminUserGetInfo
MprAdminUserClose
MprAdminUserWrite
MprAdminUserOpen
MprAdminUserRead

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ