75e1643c24b35610dbc9cf301672428f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

75e1643c24b35610dbc9cf301672428f_JaffaCakes118
Size

311KB
MD5

75e1643c24b35610dbc9cf301672428f
SHA1

061ff7eab5667db6159c23938cf913c6d5e700da
SHA256

4e942dba40ab936492cb235810928301a76474559a64cf93ac9fe236a3ad04dc
SHA512

782dd33388bef2f40000be373cb7c1981569c231d83b673397b1935a1992b09a471a3bfe1511b942705db65bb9cbf1dbeb3b3ea2aa0af028d65a50de428aaa7b
SSDEEP

6144:1d+NsHYcfGkNdCEW/gh95Re3YIAR6y0SROGN+4PrVAuJq:1d+uH3fGoCEW/49zwdGI4PrVAQq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75e1643c24b35610dbc9cf301672428f_JaffaCakes118

Files

75e1643c24b35610dbc9cf301672428f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e78e1c83c67595833ec39959e97deba2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAddAtomA
InterlockedExchange
GlobalDeleteAtom
IsBadReadPtr
Sleep
RaiseException
GetDriveTypeA
GetStdHandle
SetErrorMode
GetLastError
VirtualProtect
LoadLibraryExA
GetLocaleInfoA
GlobalFree
EnterCriticalSection
LockResource
SetConsoleOutputCP
FileTimeToLocalFileTime
GetACP
CloseHandle
HeapCreate

user32

DrawEdge
GetWindowTextA
EndPaint
GetParent
GetMenuItemInfoA
ValidateRect
ShowWindow
GetClassNameA
SetForegroundWindow
ClipCursor
BeginPaint
GetActiveWindow
ReleaseDC
GetFocus
GetWindow
DrawTextA
IsIconic
GetCursorPos
wsprintfA

httpapi

HttpTerminate
HttpAddUrl
HttpCreateHttpHandle
HttpInitialize
HttpRemoveUrl

msutb

GetPopupTipbar

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ