682464f99bafdcd4e61e77ced7e1dde0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

682464f99bafdcd4e61e77ced7e1dde0_JaffaCakes118
Size

635KB
MD5

682464f99bafdcd4e61e77ced7e1dde0
SHA1

57609557eef122e8025049114b5e954004411a48
SHA256

2e630a8767ad22f201da59ac099f40fc2400f756b907509c9cfb3b66fc3f9f90
SHA512

82e11737073fe5420f2271ffbdef93715171ef75e111b51290944696cdc2910a20b388da1e3231e73e06422557eb2eb9132638186c7a2e9e34a4e030238dceaa
SSDEEP

12288:F7HPiCcaFlOiplwF7MPz+3rxn6F7IH7zZIM5v8+8sA7fLYFJ6EMlVArjYr:JHbcKI2wF7ei3Nt7PNj8sA3YFsNk2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
682464f99bafdcd4e61e77ced7e1dde0_JaffaCakes118

Files

682464f99bafdcd4e61e77ced7e1dde0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

21d8cb578f3a43e81fd973454368e19b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
ResetEvent
SetEvent
RaiseException
GlobalFree
VirtualProtect
CloseHandle
GetLastError
LoadLibraryExA
FindFirstFileA
GetLocaleInfoA
GetLogicalDrives
ReleaseMutex
GetCommandLineA
SetErrorMode
GetACP
GetStdHandle
HeapCreate
GetSystemDirectoryA
InterlockedExchange
Sleep

user32

IsIconic
ReleaseDC
EndPaint
GetWindow
GetClassNameA
FrameRect
FlashWindowEx
GetActiveWindow
GetWindowTextA
ShowWindow
ValidateRect
GetCursorPos
BeginPaint
wsprintfA
GetFocus
FillRect
GetParent
DrawTextA
SetForegroundWindow

httpapi

HttpCreateHttpHandle
HttpTerminate
HttpAddFragmentToCache
HttpInitialize
HttpAddUrl

winhttp

WinHttpOpen

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ