4c768484fe01fc83e68245256cbe6267_JaffaCakes118 | Triage

Sharing

General

Target

4c768484fe01fc83e68245256cbe6267_JaffaCakes118
Size

164KB
MD5

4c768484fe01fc83e68245256cbe6267
SHA1

52b2fa89cead8c2fd7db237bc1ecc1cd8a0f1536
SHA256

f235acafda03f58d4e78d3ef94056fb57d5d40417c8a8ad461378782a43cac12
SHA512

105d7adeab433c5da02e2739e29beed0f9e2e1ad0ca8e349ddd525a5c9f54bf50a610019b21986b7ed421bf0832d929cd7f5ae2852a495315157a1eb458d0008
SSDEEP

3072:Az8SirdVljfesczx7louHK+oyl6/j3Jvm/2tF9sUuIe0JDlgN9sx0/5dVI4JpbjJ:64dVhzctJoYKS6/TJ80uIe1NF/5dVI4h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c768484fe01fc83e68245256cbe6267_JaffaCakes118

Files

4c768484fe01fc83e68245256cbe6267_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4ca7e92617770ed0e23f1db191bc0d78

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
SetErrorMode
LockResource
GlobalFree
EnterCriticalSection
GlobalUnlock
GetStdHandle
SetConsoleOutputCP
GlobalDeleteAtom
VirtualProtect
GlobalAddAtomA
FoldStringA
GetDriveTypeA
RaiseException
InterlockedExchange
Sleep
HeapCreate
CloseHandle
LoadLibraryExA
GetACP
GetLocaleInfoA

user32

GetWindowTextA
EndPaint
IsIconic
GetActiveWindow
DrawEdge
ClipCursor
GetParent
ReleaseDC
ValidateRect
GetClassNameA
BeginPaint
GetCursorPos
ShowWindow
DrawTextA
SetForegroundWindow
GetMenuItemInfoA
CharToOemBuffA
GetFocus
GetWindow

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerFindFileA
VerQueryValueA
VerInstallFileA

rasadhlp

WSAttemptAutodialName

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 704KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ