3d5984eef8ddb1d20b86e76b6497e374_JaffaCakes118 | Triage

Sharing

General

Target

3d5984eef8ddb1d20b86e76b6497e374_JaffaCakes118
Size

312KB
MD5

3d5984eef8ddb1d20b86e76b6497e374
SHA1

6db75359f3a93cb4e66826524d077209406a3bc9
SHA256

7b96b3825b88e4c6852060071d34b084c4533c880b5188e846c6bf5be1e32b91
SHA512

56ae3d366aec60dbbaf13486da5e73390e852c03ad17d7bce1003bc12f7c8545ea9243e6855930f581f6104aa59ee24152b9ab160a59867012a300f8db63d310
SSDEEP

6144:ed+NsHYcfGkNdCEW/gh95Re3YIAR6y0SROGN+4PrVAuJq:ed+uH3fGoCEW/49zwdGI4PrVAQq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d5984eef8ddb1d20b86e76b6497e374_JaffaCakes118

Files

3d5984eef8ddb1d20b86e76b6497e374_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bc6f7e04886c0ed2b57c24985f062c4a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
GlobalFree
GetDriveTypeA
LockResource
FileTimeToLocalFileTime
RaiseException
GetStdHandle
GetACP
GlobalDeleteAtom
GetLastError
SetErrorMode
IsBadReadPtr
GetLocaleInfoA
GlobalAddAtomA
Sleep
EnterCriticalSection
SetConsoleOutputCP
VirtualProtect
LoadLibraryExA
CloseHandle
InterlockedExchange

user32

ShowWindow
ReleaseDC
SetForegroundWindow
GetMenuItemInfoA
GetParent
DrawEdge
wsprintfA
GetFocus
DrawTextA
EndPaint
GetWindow
BeginPaint
GetClassNameA
GetWindowTextA
GetActiveWindow
ValidateRect
ClipCursor
IsIconic
GetCursorPos

httpapi

HttpTerminate
HttpAddUrl
HttpCreateHttpHandle
HttpInitialize
HttpRemoveUrl

msutb

GetPopupTipbar

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ