441f629127d07f5088b9e8fed9f7b828_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

441f629127d07f5088b9e8fed9f7b828_JaffaCakes118
Size

86KB
MD5

441f629127d07f5088b9e8fed9f7b828
SHA1

098929783ccdf1dadbf8dcb955700d8ec770f303
SHA256

973a2241b4fa37974e99cda54fa1857d72fe26189411e010ae1e2db3dc51a66a
SHA512

434eff2ea2e6cdd86953933e620aed801d7361c795bec4c345ce9008290d71938d6c951996b0372c180eb1c1de906d86a74866997c63d148fc725dee27c2ea43
SSDEEP

1536:CnRnjZ4gx4fw8CoK6ye+5nYa9vzaKye1jmt8NiwSVwa2e:CRnN4gxlzs+5YiaKlC84ea2e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
441f629127d07f5088b9e8fed9f7b828_JaffaCakes118

Files

441f629127d07f5088b9e8fed9f7b828_JaffaCakes118
.exe windows:4 windows x86 arch:x86

08cf1af1082f3d7a742c5ab9b574ffdb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
LoadLibraryExA
GlobalFree
GlobalUnlock
SetConsolePalette
LoadResource
GetOEMCP
LocalFree
CloseHandle
GetLastError
GetStdHandle
HeapCreate
FreeConsole
GlobalAddAtomA
lstrcat
VirtualProtect
DeleteAtom
IsBadCodePtr
EnterCriticalSection
GlobalAddAtomA
WriteProfileStringA

user32

GetForegroundWindow
GetParent
DrawEdge
GetClassNameA
GetClassInfoExA
GetWindowTextLengthA
GetActiveWindow
ReleaseDC
GetFocus
BeginPaint
GetWindow
ValidateRect
CloseWindow
AlignRects
ShowWindow
IsIconic
EndPaint
GetDC
GetWindowTextA

mprapi

MprAdminUserGetInfo
MprAdminUserWrite
MprAdminUserClose
MprAdminUserOpen
MprAdminUserRead

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ