3a4d6a32d0be942e06887ccd5839df40_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3a4d6a32d0be942e06887ccd5839df40_JaffaCakes118
Size

312KB
MD5

3a4d6a32d0be942e06887ccd5839df40
SHA1

c4bb93f7efc648b6ee38044e1be1178b6994d5c2
SHA256

336e72b0496adc3b114ae9c7703ecf6a14d132c382f77f89cac6be2389c655a1
SHA512

2773bda83ed25c172819646b60658ae2a82b30d500e6d3932ac989fea8df67350791dc5419ef5cb3b1ba5575defc5c282bda13b786a83801d77ab9a09229c79c
SSDEEP

6144:4d+NsHYcfGkNdCEW/gh95Re3YIAR6y0SROGN+4PrVAuJq:4d+uH3fGoCEW/49zwdGI4PrVAQq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a4d6a32d0be942e06887ccd5839df40_JaffaCakes118

Files

3a4d6a32d0be942e06887ccd5839df40_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ab65dc7dc05f1797b2104da7f114e20a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeA
GetStdHandle
CloseHandle
GetACP
Sleep
GlobalAddAtomA
HeapCreate
LockResource
LoadLibraryExA
GetLocaleInfoA
GlobalDeleteAtom
InterlockedExchange
EnterCriticalSection
VirtualProtect
SetConsoleOutputCP
RaiseException
IsBadReadPtr
GetLastError
SetErrorMode
FileTimeToLocalFileTime
GlobalFree

user32

GetParent
ClipCursor
ShowWindow
DrawEdge
GetActiveWindow
BeginPaint
ReleaseDC
IsIconic
GetWindowTextA
GetClassNameA
GetWindow
DrawTextA
wsprintfA
GetMenuItemInfoA
GetFocus
GetCursorPos
EndPaint
ValidateRect
SetForegroundWindow

httpapi

HttpInitialize
HttpAddUrl
HttpCreateHttpHandle
HttpRemoveUrl
HttpTerminate

msutb

GetPopupTipbar

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ