6293a00b07292f133ef9bb4d64b83de6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6293a00b07292f133ef9bb4d64b83de6_JaffaCakes118
Size

17KB
MD5

6293a00b07292f133ef9bb4d64b83de6
SHA1

3571d47b495c3e8a1408fd71a8180cac77f5baf1
SHA256

9ffd89f353c9c0bf6b1a3fda5251636a6732aa1b80f7e5128a22256e80bb7ee9
SHA512

df4b6397ee9d5ad2708c6785a6c947c91f55a24699cd591d87d48c0fa691d9d3e7afd6dd62fc6d6f5ab005247184dd4bbeda7bdb4665161a42e2ec0c5e20477a
SSDEEP

384:H88888888888888888888888888888888888888888888888888888888888888t:H888888888888888888888888888888t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6293a00b07292f133ef9bb4d64b83de6_JaffaCakes118

Files

6293a00b07292f133ef9bb4d64b83de6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1efb6d9f68e46617b0bdbbb2083c5ad7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GlobalSize
WaitForSingleObject
GetTickCount
HeapReAlloc
VirtualProtect
CloseHandle
GetModuleHandleA
WaitForMultipleObjects
CompareFileTime
GlobalUnlock
GetUserDefaultLangID
InterlockedExchange
GetConsoleCP
GetAtomNameA
GetVersion
LoadLibraryExA
HeapCreate
ResumeThread
lstrlenA
GetConsoleDisplayMode

user32

wsprintfA
GetParent
GetDC
DragDetect
CloseWindow
GetCursorPos
GetTitleBarInfo
GetFocus
ReleaseDC
SetForegroundWindow
GetClassNameA
FrameRect
BeginPaint
CreateIcon
DrawTextA
ShowWindow
EndPaint
FillRect
GetWindow

rastapi

DeviceListen
DeviceDone
PortClose
AddPorts
DeviceConnect

quartz

DllGetClassObject

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ