3ddea01aac98f0255e359ade19f0909a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ddea01aac98f0255e359ade19f0909a_JaffaCakes118
Size

416KB
MD5

3ddea01aac98f0255e359ade19f0909a
SHA1

4f2f7d857fbccac34a1448def72815a038fd96e4
SHA256

02ccef9582504843e86c8aabe1103e84ddfb4e7aa85f70e4379a9999fea22d5b
SHA512

75b4ca2428705c784c94971d89d77419aca6bfa99a2a4f7f0b57f4299d74d1d6a2847f069f1d649742699ffc8cb19f6d51de281559b6332f6df4979e7d17228a
SSDEEP

12288:UZ6TIoft2yugll2jnAaeX6mXM3W4/Plf:UZ6glQlCn0X6X3WoNf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ddea01aac98f0255e359ade19f0909a_JaffaCakes118

Files

3ddea01aac98f0255e359ade19f0909a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

642df4f65d69e59149e37fb8f0ed459c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToLocalFileTime
GlobalAddAtomA
GlobalDeleteAtom
Sleep
SetErrorMode
GlobalFree
InterlockedExchange
HeapCreate
LoadLibraryExA
CloseHandle
LockResource
GetStdHandle
VirtualProtect
GetACP
GetCommandLineA
RaiseException
EnterCriticalSection
GetLocaleInfoA
IsBadReadPtr
GetLastError
GetLogicalDrives

user32

GetClassNameA
EndPaint
GetFocus
ValidateRect
wsprintfA
SetForegroundWindow
ShowWindow
BeginPaint
GetActiveWindow
DrawTextA
GetCursorPos
FrameRect
GetMenuItemInfoA
GetWindowTextA
IsIconic
GetWindow
DrawEdge
ReleaseDC
GetParent

httpapi

HttpInitialize
HttpTerminate
HttpAddUrl
HttpCreateHttpHandle
HttpRemoveUrl

msutb

GetPopupTipbar

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ