8c3cc00da0d064d3ccb4389b2fdbecf4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8c3cc00da0d064d3ccb4389b2fdbecf4_JaffaCakes118
Size

415KB
MD5

8c3cc00da0d064d3ccb4389b2fdbecf4
SHA1

d1915a797943c7bf377c51a2f529533aa4a41099
SHA256

9dedcffb60045ba9e908c9041532359c1aa902de80c9c7f0add759f2639e20a1
SHA512

2659065e1ed52fe8a19b178fa728a651d83350e4b18179abb23ce68ed3b2801368a31002cc10af339d758a6e4d96b2a3aad194fcc0ea319a5985b3fd6a0d5313
SSDEEP

6144:a1ojUwD3TilJTq4y+ydvMQp7Tmd7xG8twYU42vw:aKowTWTq4yzd/tS7U8tEn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c3cc00da0d064d3ccb4389b2fdbecf4_JaffaCakes118

Files

8c3cc00da0d064d3ccb4389b2fdbecf4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

45c96cb0f1847eb6ae1d5a947039f315

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAddAtomA
GlobalFree
EnterCriticalSection
GlobalDeleteAtom
GetACP
LoadLibraryExA
GetLocaleInfoA
GetSystemDirectoryA
InterlockedExchange
GetCommandLineA
GetLogicalDrives
Sleep
GetStdHandle
HeapCreate
LockResource
GetFileAttributesA
CloseHandle
GetLastError
SetErrorMode
RaiseException
VirtualProtect

user32

wsprintfA
GetActiveWindow
GetClassNameA
ShowWindow
GetWindowTextA
DrawEdge
EndPaint
DrawTextA
GetWindow
SetForegroundWindow
GetFocus
GetParent
ReleaseDC
ValidateRect
FrameRect
GetCursorPos
IsIconic
GetMenuItemInfoA
BeginPaint

httpapi

HttpRemoveUrl
HttpAddUrl
HttpInitialize
HttpCreateHttpHandle
HttpTerminate

wshtcpip

WSHNotify

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ