89f60e9eb8c384f3bfdf9800fded8cec_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

89f60e9eb8c384f3bfdf9800fded8cec_JaffaCakes118
Size

317KB
MD5

89f60e9eb8c384f3bfdf9800fded8cec
SHA1

323f713305c9169facbe007421958d57759921f9
SHA256

52e8f120195bcdbcf9fb58b2aefd78b035db2cdf51ce3279ac3a92d34652de3d
SHA512

11ffb6ff86a1af60089f45090a282d1a726d7f01550e78b7b8b0464e97c8087259118de267c0faec42f3dac09fe14faf6f4eaadb61aee1aab619675c79d3b7bc
SSDEEP

6144:rMQv1tm1gq6PBNELGsrIHXuAzW6dkrTwSE0oAR2/y4l9jxSi2ohp5rn4d1x:r1ve1NuNEyBXja6dkrcnqyz9jp/rn+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89f60e9eb8c384f3bfdf9800fded8cec_JaffaCakes118

Files

89f60e9eb8c384f3bfdf9800fded8cec_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b90a31869cc07a3afbe541f2d7877f33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
RaiseException
GlobalDeleteAtom
GlobalAddAtomA
GetLastError
SizeofResource
LoadLibraryExA
SetConsoleCP
GlobalUnlock
GetTimeFormatA
SetErrorMode
GlobalFree
HeapCreate
Sleep
GetPriorityClass
VirtualProtect
GetStdHandle
GetACP
MultiByteToWideChar
EnterCriticalSection
CloseHandle

user32

DrawMenuBar
GetClassInfoExA
GetActiveWindow
ValidateRect
GetCursorPos
GetMenuItemInfoA
AnyPopup
GetParent
GetFocus
DrawEdge
IsIconic
EndPaint
GetClassNameA
GetForegroundWindow
GetWindowTextA
ShowWindow
GetWindow
ReleaseDC
BeginPaint

mprapi

MprAdminUserWrite
MprAdminUserOpen
MprAdminUserRead
MprAdminUserClose
MprAdminUserGetInfo

mapi32

MAPILogonEx

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ