6a6b626a22f869a43c275ac1c3ef0ae7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6a6b626a22f869a43c275ac1c3ef0ae7_JaffaCakes118
Size

416KB
MD5

6a6b626a22f869a43c275ac1c3ef0ae7
SHA1

46b1caff9a17f88415b259bcc0700efa691b716d
SHA256

c14a4fc21e2e4f973640dfdadd9b1c35f1724a05ad20b1c6d294f927c0383330
SHA512

cedf230855bea77b68b2b26ccbda4891c960bdb7caa65c1d39a74b95fd665679e4522f06db6846c648328a1ce48348b76a4b6d41dfe7429d513b5e5f0e854f55
SSDEEP

12288:MZ6TIoft2yugll2jnAaeX6mXM3W4/Plf:MZ6glQlCn0X6X3WoNf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a6b626a22f869a43c275ac1c3ef0ae7_JaffaCakes118

Files

6a6b626a22f869a43c275ac1c3ef0ae7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b748b4446916028107b1833df770abed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
HeapCreate
VirtualProtect
GetLastError
GetLocaleInfoA
GlobalDeleteAtom
Sleep
EnterCriticalSection
CloseHandle
LockResource
GetLogicalDrives
GetACP
IsBadReadPtr
SetErrorMode
GlobalFree
FileTimeToLocalFileTime
GetStdHandle
GetCommandLineA
InterlockedExchange
LoadLibraryExA
GlobalAddAtomA

user32

GetParent
GetCursorPos
GetClassNameA
GetActiveWindow
ValidateRect
EndPaint
GetFocus
BeginPaint
DrawTextA
ReleaseDC
SetForegroundWindow
DrawEdge
GetWindow
ShowWindow
GetMenuItemInfoA
IsIconic
GetWindowTextA
FrameRect
wsprintfA

httpapi

HttpCreateHttpHandle
HttpRemoveUrl
HttpAddUrl
HttpInitialize
HttpTerminate

msutb

GetPopupTipbar

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ