868d9305bc3fbc454dfaa09c2c041366_JaffaCakes118 | Triage

Sharing

General

Target

868d9305bc3fbc454dfaa09c2c041366_JaffaCakes118
Size

317KB
MD5

868d9305bc3fbc454dfaa09c2c041366
SHA1

7db47b272110accf3669282e5643404f4a5ba6a9
SHA256

d2ec1169a338217bf4302a3fa2edcf91e52dcc452a51369c4eb5901f3089daf1
SHA512

e5d18d2f0836f0f4410d6d468e1af1f99925e122b1b06cb3783cb22015cbd7a3c1c7621efb5c5b44f692241d3517e52d5e9dc3d5f15ee0f3105a5d62c35dfced
SSDEEP

6144:7AoQeC/4nXA13lwjbjHMGcnr6hDLCF1bzzFD5BrOSMInBOwUsD1N:7A+nX5Hrlcnr6hDLstzzYSMaBOwUsRN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
868d9305bc3fbc454dfaa09c2c041366_JaffaCakes118

Files

868d9305bc3fbc454dfaa09c2c041366_JaffaCakes118
.exe windows:4 windows x86 arch:x86

60796ec975c91583193428410301f7c0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteAtom
GlobalUnlock
lstrcpyA
GlobalAddAtomA
VirtualProtect
RaiseException
LoadLibraryExA
WriteProfileStringA
GetStdHandle
GetOEMCP
GetLastError
SetConsolePalette
CloseHandle
FreeConsole
HeapCreate
EnterCriticalSection
LoadResource
GlobalFree
GlobalAddAtomA
LocalFree
IsBadCodePtr

user32

DrawEdge
GetActiveWindow
GetClassInfoExA
ReleaseDC
CloseWindow
ValidateRect
EndPaint
GetDC
GetParent
ShowWindow
IsIconic
GetWindowTextA
GetWindow
BeginPaint
GetWindowTextLengthA
AlignRects
GetFocus
GetClassNameA
GetForegroundWindow

mprapi

MprAdminUserClose
MprAdminUserWrite
MprAdminUserOpen
MprAdminUserGetInfo
MprAdminUserRead

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ