4d20d54b0818b7290fd85cd944979fa7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4d20d54b0818b7290fd85cd944979fa7_JaffaCakes118
Size

194KB
MD5

4d20d54b0818b7290fd85cd944979fa7
SHA1

6efec091bd9085d9f37979a7573b490b612dc8a5
SHA256

2ab51c7ca62745b563f4b8c6b991adf1bc59b4f5350a04666c0acb148ef42067
SHA512

f1111aa62912385183648ed4fb8661136f3cb0e41e2e2c1e7f0e4cc26612570301dd4f8d88ef6e8d8d596c08f16bcde10931de0f4cf4e7062436c16fefc11455
SSDEEP

3072:X0Yj/Xs1hPLgAnboAcz+u8qSfT5kvt64YdWjxZ+LRC64k3a92:XVjEbPfnboAxhVdoZ+gk3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d20d54b0818b7290fd85cd944979fa7_JaffaCakes118

Files

4d20d54b0818b7290fd85cd944979fa7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dcc57599d777bc8f4033cd3fffce56e6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
GlobalFree
GetStdHandle
FreeConsole
DeleteAtom
GlobalAddAtomA
LocalFree
LoadResource
GlobalUnlock
VirtualProtect
lstrcat
GlobalAddAtomA
RaiseException
GetLastError
WriteProfileStringA
SetConsolePalette
EnterCriticalSection
CloseHandle
HeapCreate
GetOEMCP
IsBadCodePtr

user32

IsIconic
BeginPaint
EndPaint
ReleaseDC
GetWindow
GetParent
GetForegroundWindow
GetClassNameA
GetWindowTextA
GetDC
ValidateRect
GetFocus
GetWindowTextLengthA
GetClassInfoExA
ShowWindow
AlignRects
DrawEdge
CloseWindow
GetActiveWindow

mprapi

MprAdminUserRead
MprAdminUserGetInfo
MprAdminUserWrite
MprAdminUserOpen
MprAdminUserClose

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ