624d799b37143414c9ee09a9fe0393f3_JaffaCakes118 | Triage

Sharing

General

Target

624d799b37143414c9ee09a9fe0393f3_JaffaCakes118
Size

17KB
MD5

624d799b37143414c9ee09a9fe0393f3
SHA1

4086ddbfbb774eb6b0397e47c466abdbdb19d91e
SHA256

513893878ed09e5d9b788ae2a816fa70dbffbc04f2d698c06a171ff1ea41eb24
SHA512

47c540c1c084542f63d34601d3a3906e8867cc0905723998cad12a16fd44cffc3818114ecd9cba9f845bc32ae2e0ff9eefe48c44ac88d4cee92decd1ef07958a
SSDEEP

192:qp6DC5EKKItqxMNSQcoL94GI722hx5OvHE5xi52iSdfaTzwR:86u5EKKI0MBZ9PI7Dx5qE3ioVUk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
624d799b37143414c9ee09a9fe0393f3_JaffaCakes118

Files

624d799b37143414c9ee09a9fe0393f3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3ceb9c2bc21b2cff2a8f626e925b14e5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
EnterCriticalSection
GetACP
GlobalAddAtomA
GetLocaleInfoA
GlobalFree
VirtualProtect
FileTimeToLocalFileTime
LoadLibraryExA
SetErrorMode
SetConsoleOutputCP
RaiseException
GetDriveTypeA
Sleep
LockResource
CloseHandle
IsBadReadPtr
GetLastError
InterlockedExchange
GlobalDeleteAtom
GetStdHandle

user32

GetParent
ShowWindow
SetForegroundWindow
ClipCursor
GetActiveWindow
ValidateRect
IsIconic
wsprintfA
GetWindowTextA
DrawEdge
GetClassNameA
DrawTextA
EndPaint
GetFocus
GetMenuItemInfoA
GetCursorPos
GetWindow
ReleaseDC
BeginPaint

httpapi

HttpAddUrl
HttpTerminate
HttpCreateHttpHandle
HttpInitialize
HttpRemoveUrl

msutb

GetPopupTipbar

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ