6faa301ddf014e4aac4cd819480b215b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6faa301ddf014e4aac4cd819480b215b_JaffaCakes118
Size

16KB
MD5

6faa301ddf014e4aac4cd819480b215b
SHA1

88006042119f0a4d5e30659357bf563dad03f73b
SHA256

01359661239aafa1588a71149fae663c031fba9b9274f9133520d1e5cf452e75
SHA512

de340567e97f289bfd8c34d6f64e8cd4efa6f44f9da48458392bd608badb4146e75dcc07c02b9f1673672afbd28f2b425337a5e285371ce8696269a183895039
SSDEEP

384:VpvDWVF0fiHnx4GgnxDUhK7xc18fTrg4t4TFrn:DrsF0Y9C52K7xcuf4O4TFrn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6faa301ddf014e4aac4cd819480b215b_JaffaCakes118

Files

6faa301ddf014e4aac4cd819480b215b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0a35faab7cd038af7ecfe3910fd10b22

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAddAtomA
SetConsoleCP
VirtualProtect
SetErrorMode
SizeofResource
GetLastError
LoadLibraryExA
Sleep
EnterCriticalSection
HeapCreate
GetTimeFormatA
GlobalUnlock
GlobalFree
RaiseException
GetPriorityClass
GetStdHandle
GetACP
MultiByteToWideChar
GlobalDeleteAtom
LockResource
CloseHandle

user32

GetFocus
IsIconic
DrawMenuBar
AnyPopup
GetClassInfoExA
EndPaint
GetActiveWindow
ValidateRect
ReleaseDC
ShowWindow
BeginPaint
GetClassNameA
GetWindow
GetParent
GetMenuItemInfoA
GetCursorPos
GetWindowTextA
GetForegroundWindow
DrawEdge

mprapi

MprAdminUserWrite
MprAdminUserOpen
MprAdminUserGetInfo
MprAdminUserRead
MprAdminUserClose

mapi32

MAPILogonEx

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ