8821dc63d7c738f3ca58eafa4fd0d681_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8821dc63d7c738f3ca58eafa4fd0d681_JaffaCakes118
Size

635KB
MD5

8821dc63d7c738f3ca58eafa4fd0d681
SHA1

1bf6e75ee13e107f700258c259a9177f0086280d
SHA256

ff3c75c6d4650ca7eab5e39183867cfc8829b1c0ba34ad6cd01c30a2d5878043
SHA512

290e83a776d9eb99e65bdbcdc183939d3e4ec0b21c7b787a0d1023bc163bb237aebfff5db8eaa0c48109f5369a0b775109c9462804e3012b182d657d271c3d91
SSDEEP

12288:jtXADLZx1UPWq17TCmAdpRLBuGtfTSgjNI8O10GRq8CXcTcrrugWDrFhE:hX41IW8e7Z99BugZI8O10MLCpXug6hE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8821dc63d7c738f3ca58eafa4fd0d681_JaffaCakes118

Files

8821dc63d7c738f3ca58eafa4fd0d681_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c96f8a1a6d6e51ed1f6ffc3c4843e101

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadReadPtr
GlobalFree
RaiseException
GlobalDeleteAtom
GlobalAddAtomA
CloseHandle
EnterCriticalSection
GetStdHandle
GetCommandLineA
VirtualProtect
FileTimeToLocalFileTime
LockResource
Sleep
SetErrorMode
GetLocaleInfoA
GetACP
GetLogicalDrives
GetLastError
LoadLibraryExA
HeapCreate
InterlockedExchange

user32

GetParent
GetWindow
EndPaint
GetFocus
ValidateRect
ShowWindow
GetMenuItemInfoA
GetClassNameA
GetWindowTextA
wsprintfA
SetForegroundWindow
ReleaseDC
DrawTextA
GetCursorPos
IsIconic
BeginPaint
FrameRect
GetActiveWindow
DrawEdge

httpapi

HttpCreateHttpHandle
HttpAddUrl
HttpRemoveUrl
HttpTerminate
HttpInitialize

msutb

GetPopupTipbar

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ