8472370d32ae0ea498eaf3bfdd320fd6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8472370d32ae0ea498eaf3bfdd320fd6_JaffaCakes118
Size

16KB
MD5

8472370d32ae0ea498eaf3bfdd320fd6
SHA1

c479470253e0c90215544b410e779f2372346524
SHA256

7e60e499b561036f307d018281392fada52f6f588b05679c1b0e05f70c69d314
SHA512

16fc35fcdfb7d7542ce48bbdb24d2e241676a7462f8728da6254f679361f5a9adbd59551376c8d5724089e9fa9b6ee2ab526d6b2e011cd5619140101370dd638
SSDEEP

384:nkLuIOdtVcHV7cwd2ZW0tYclo0epANJtjNdBTZx:EUdtqv0ZoZZsJndBTZx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8472370d32ae0ea498eaf3bfdd320fd6_JaffaCakes118

Files

8472370d32ae0ea498eaf3bfdd320fd6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d4c3ebd1e76e6374a1ac8395582ad1a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetLogicalDrives
GlobalAddAtomA
Sleep
InterlockedExchange
RaiseException
GlobalFree
GetACP
GetLastError
HeapCreate
GetCommandLineA
IsBadReadPtr
EnterCriticalSection
SetErrorMode
LoadLibraryExA
FileTimeToLocalFileTime
GetLocaleInfoA
GlobalDeleteAtom
GetStdHandle
LockResource
VirtualProtect

user32

wsprintfA
GetFocus
DrawEdge
GetCursorPos
ShowWindow
FrameRect
ValidateRect
DrawTextA
GetActiveWindow
ReleaseDC
GetMenuItemInfoA
GetClassNameA
GetWindowTextA
GetWindow
SetForegroundWindow
GetParent
IsIconic
EndPaint
BeginPaint

httpapi

HttpAddUrl
HttpInitialize
HttpRemoveUrl
HttpCreateHttpHandle
HttpTerminate

msutb

GetPopupTipbar

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ