41a04b83b7fed4b4d8ce8c9dc30c22d9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

41a04b83b7fed4b4d8ce8c9dc30c22d9_JaffaCakes118
Size

312KB
MD5

41a04b83b7fed4b4d8ce8c9dc30c22d9
SHA1

e19e1b63c5d8db9d770db0f4b0ab9ac52e11c1aa
SHA256

6b2367fc57b5a71c4f5385febacfa3a7a5ba3add9040470eff945992c4c7bfe2
SHA512

4be02b79efb2db3daab647be10f8d3dcfa9aa4cb48508f39e4e57ffb1cfc81c17b71607940ded5fe546db397697cf284a89259d2a23dabae9f32b51a7eb9bd9b
SSDEEP

6144:Zbn8YMs5a8nqK7eEvRoOY5Oka6Q2iH0699R2rF531xjk:9n8FK7eEvyOY8kb/c4p91K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41a04b83b7fed4b4d8ce8c9dc30c22d9_JaffaCakes118

Files

41a04b83b7fed4b4d8ce8c9dc30c22d9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7affc34992975e871ec09e3168d264d3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDBCSLeadByte
CreateMutexA
ReleaseMutex
TlsGetValue
GetModuleHandleA
GetThreadLocale
CreateThread
GlobalFindAtomA
GetOEMCP
GetConsoleCP
SetEvent
CompareStringA
GetExitCodeThread
CreatePipe
GetVolumeInformationA
GetProcessHeap
TlsFree
VirtualAlloc
GetUserDefaultLangID
GetPriorityClass
GetStdHandle

user32

GetFocus
ReleaseDC
ReleaseDC
GetForegroundWindow
GetWindow
IsWindowVisible
GetClassInfoExA
GetWindowTextA
GetWindowTextLengthA
CloseWindow
GetDC
InvalidateRect
GetActiveWindow
GetSystemMetrics
RegisterClassA
ShowWindow
IsIconic
ValidateRect
GetClassNameA

shell32

SHBrowseForFolderA
SHCreateShellItem
SHChangeNotify
SHGetFolderPathA
SHGetFileInfoA

ntdsapi

DsBindA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ