4d1973d0ac17b6e5928c73d5da1c5911_JaffaCakes118 | Triage

Sharing

General

Target

4d1973d0ac17b6e5928c73d5da1c5911_JaffaCakes118
Size

212KB
MD5

4d1973d0ac17b6e5928c73d5da1c5911
SHA1

54d4aedcc2d3ff114260d7612c9e9190043ccc1b
SHA256

7c173f69dd1980ff8c17c7101e61b5dade34307625cf69ccc72dadb84c86be47
SHA512

1e90a04621662da923bd5fc4fbef84d7315556cd10d8ff5b28041071b54190278b6d830be89bcb176f09e78b28dbe706c98fb3d053b0bc67f602c6d7823169d8
SSDEEP

6144:iOydwwJxBKM+WdJrbsVUl3f7l4iaIlrQt2+y:SzJKM+WdsUNzl4iaItQY+y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d1973d0ac17b6e5928c73d5da1c5911_JaffaCakes118

Files

4d1973d0ac17b6e5928c73d5da1c5911_JaffaCakes118
.exe windows:4 windows x86 arch:x86

489cc856c1024b693e383623bf1e2810

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
LockResource
GlobalAddAtomA
EnterCriticalSection
GlobalFree
LoadLibraryExA
SetErrorMode
RaiseException
GetSystemDirectoryA
GetLocaleInfoA
GetFileAttributesA
GetCommandLineA
GetLogicalDrives
VirtualProtect
GetACP
CloseHandle
Sleep
GetStdHandle
HeapCreate
GlobalDeleteAtom
GetLastError

user32

GetWindow
DrawEdge
GetCursorPos
GetClassNameA
GetWindowTextA
SetForegroundWindow
DrawTextA
GetMenuItemInfoA
ValidateRect
FrameRect
wsprintfA
EndPaint
BeginPaint
IsIconic
GetParent
GetActiveWindow
ReleaseDC
GetFocus
ShowWindow

httpapi

HttpAddUrl
HttpRemoveUrl
HttpTerminate
HttpInitialize
HttpCreateHttpHandle

wshtcpip

WSHNotify

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ