331065aae0177cae376cb37f7881343d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

331065aae0177cae376cb37f7881343d_JaffaCakes118
Size

242KB
MD5

331065aae0177cae376cb37f7881343d
SHA1

7d213c489e379409c0a8bbcf686e0920a3122bee
SHA256

41aa6920140b776aec2c4c1542099b9951b54ff1d493a9dd6bd969451d6648db
SHA512

02eb6326f96fc90fb56604a3c0ab71ad68aa65a5be92952827773a9917761735406ddd116aa0fe235374725be1b716004a6e3ab0285817b1a698f7b6b33a1fd7
SSDEEP

6144:Htg+5ertIMcYVmvo0Xuu8Vkz09ezRrJD4OHuPeN:Ht2rtVcYovoSuu8Vkz09GJhHyeN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
331065aae0177cae376cb37f7881343d_JaffaCakes118

Files

331065aae0177cae376cb37f7881343d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3af057562da1b4fde4110bb228c0ec53

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAddAtomA
RaiseException
GlobalAddAtomA
EnterCriticalSection
GetACP
GlobalUnlock
CloseHandle
SetConsolePalette
GlobalFree
LoadResource
VirtualProtect
lstrcpyA
GetLastError
LoadLibraryExA
HeapCreate
IsBadCodePtr
FreeConsole
GetStdHandle
WriteProfileStringA
DeleteAtom
LocalFree

user32

IsIconic
GetParent
GetFocus
EndPaint
DrawEdge
GetWindowTextLengthA
GetWindowTextA
ReleaseDC
GetClassInfoExA
ShowWindow
GetClassNameA
GetWindow
ValidateRect
CloseWindow
BeginPaint
GetActiveWindow
GetDC
AlignRects
GetForegroundWindow

mprapi

MprAdminUserWrite
MprAdminUserGetInfo
MprAdminUserRead
MprAdminUserClose
MprAdminUserOpen

linkinfo

CreateLinkInfoA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ