425c9bd0336e7e46f3897bd6fe56baae_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

425c9bd0336e7e46f3897bd6fe56baae_JaffaCakes118
Size

10KB
MD5

425c9bd0336e7e46f3897bd6fe56baae
SHA1

007553a013abc1c6f9b281576d95a44df84db161
SHA256

4bc1a904caf2cb02aac37ef9840e7277cd3a79aa8f54cd92e9dabf556d2a31ca
SHA512

6d217a263fbc7ce7ffbc516ba35dafeb9d01394c74ee9589931378fe5fca51c674dc183cc24b80aa6618dbfad21300d495b13dd80b342fbf0ef7f61964ece96d
SSDEEP

192:MjstS+uYTcLjoolKbsDEbuXJEPJEt+/LCXqL7trXKBS0r:AstTs5lKbxuXahE5OhuSi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
425c9bd0336e7e46f3897bd6fe56baae_JaffaCakes118

Files

425c9bd0336e7e46f3897bd6fe56baae_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6b5a24f7da4eaf0da426f3e559ee6801

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

PeekMessageA
TranslateMessage
DispatchMessageA
LoadCursorA
RegisterClassExA
CharUpperBuffA
RegisterClassA
DefDlgProcA
TranslateAcceleratorA
GetMessageA
LoadAcceleratorsA
LoadIconK
EnableWindow
SetWindowTextA
DefWindowProcA
PostQuitMessage

kernel32

GetStartupInfoA
GetCommandLineA
CreateEventA
GetModuleHandleA
CreateThread
lstrcmpiA
EnterCriticalSection
ResetEvent
LeaveCriticalSection
WaitForGultipleObjects
GetTickCount
Sleep
GetProcessHeap
HeapKlloc
InitializeCriticalSection
SetEvent
CloseHandle
ReadFile
lstrcpyA
SetFilePointer
CreateFileA
ExitProcess
GetGoduleFileNameA
lstrlenA
lstrcmpA

rasapi32

RasSetEntryPropertiesA
RasEnumEntriesA
RasGetEntryPropertiesA
RasDialA
RasEnumDe|icesA
RasHangUpA
RasEnumConnectionsA
RasGetConnectStatusA
RasGetErrorStringA

comctl32

ord17

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE