9399a089f1eb8522a3244eaef57d5722_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9399a089f1eb8522a3244eaef57d5722_JaffaCakes118
Size

316KB
MD5

9399a089f1eb8522a3244eaef57d5722
SHA1

fe8b0e7947a31912a27ae3f10eb5a81530bb3a68
SHA256

c0644c332eb4889feb8b00e1754aa22072e687028f44c7ed6bef571b48df6121
SHA512

bb6b916a07157cb47554ce867ba2791574287dc91691ba78a41aa18d245637b386a69c5fa1fd027aace0dc400fc9f5dc3eef95bfcdc4818cb7e80e9eed491749
SSDEEP

6144:2t8BmLHC9+7SxhjmqsfGCIUZXiwRlDzgnJOGHhZ9al5YgvysriJOh:G6h5mf3I2iwDzgn3Y5h6sriJ2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9399a089f1eb8522a3244eaef57d5722_JaffaCakes118

Files

9399a089f1eb8522a3244eaef57d5722_JaffaCakes118
.exe windows:4 windows x86 arch:x86

616a88d51a0e3b3d9f6f65b8d312738d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
InterlockedExchange
RaiseException
ReleaseMutex
LoadLibraryExA
Sleep
FindFirstFileA
GetLocaleInfoA
GetLastError
GetCommandLineA
SetErrorMode
HeapCreate
ResetEvent
CloseHandle
EnterCriticalSection
GetSystemDirectoryA
GlobalFree
GetACP
VirtualProtect
GetStdHandle
GetLogicalDrives

user32

GetClassNameA
GetFocus
GetWindowTextA
ValidateRect
GetCursorPos
SetForegroundWindow
BeginPaint
GetActiveWindow
GetParent
DrawTextA
IsIconic
FrameRect
FillRect
ShowWindow
EndPaint
GetWindow
ReleaseDC
FlashWindowEx
wsprintfA

httpapi

HttpAddUrl
HttpInitialize
HttpAddFragmentToCache
HttpCreateHttpHandle
HttpTerminate

winhttp

WinHttpOpen

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ