74934da922483e2bbc47968859f39fc8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

74934da922483e2bbc47968859f39fc8_JaffaCakes118
Size

415KB
MD5

74934da922483e2bbc47968859f39fc8
SHA1

80316df6ef4d61d0c37c0fdaded04142e4e8af5e
SHA256

2d0c2cb1d0f69716c735f7993115f0cc8c1f8802e1020d82d78e805fb64feee4
SHA512

7835b968291a9299f48cb44e1587092852f6e176b98b5e51e116f5eb3afb7ac465cb317d9bf72d96372693c3c6bd83b1a535dbbf13527924cc93f414dae14f14
SSDEEP

6144:p1ojUwD3TilJTq4y+ydvMQp7Tmd7xG8twYU42vw:pKowTWTq4yzd/tS7U8tEn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74934da922483e2bbc47968859f39fc8_JaffaCakes118

Files

74934da922483e2bbc47968859f39fc8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cb0041c0531ff94797e70d007245a047

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
GetSystemDirectoryA
SetErrorMode
InterlockedExchange
CloseHandle
VirtualProtect
GlobalFree
RaiseException
GetCommandLineA
GetFileAttributesA
GetLogicalDrives
LoadLibraryExA
GlobalAddAtomA
Sleep
GetLastError
GetLocaleInfoA
EnterCriticalSection
GlobalDeleteAtom
GetStdHandle
HeapCreate
LockResource

user32

GetClassNameA
GetWindow
GetWindowTextA
GetActiveWindow
wsprintfA
GetFocus
GetCursorPos
EndPaint
ShowWindow
IsIconic
ValidateRect
GetParent
FrameRect
GetMenuItemInfoA
BeginPaint
SetForegroundWindow
DrawEdge
DrawTextA
ReleaseDC

httpapi

HttpTerminate
HttpInitialize
HttpAddUrl
HttpRemoveUrl
HttpCreateHttpHandle

wshtcpip

WSHNotify

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ