93e1d5a4de972fb0bf33df288d171637_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

93e1d5a4de972fb0bf33df288d171637_JaffaCakes118
Size

416KB
MD5

93e1d5a4de972fb0bf33df288d171637
SHA1

7459150cec3d54a114effab1fb1d644d36a6d25d
SHA256

8c7a96b2ac366f1c93581cebc23704fe6ac89dc6b609d91780f5b3f9110b8a01
SHA512

de283b6dc71c17cb0f3edf69b5e5341ca1d7e343147bc8db4cf0c500fedf35538c55b751fc0fb8d8a011425793e37ff436a4e508b1fab3b2153e86939f89c494
SSDEEP

6144:q6b2I7dBJY+l8EAnddMJfnDnDYiktjAg2SDj2uqLUITtjtz:q6qIprYLsr0iktjrpDSFJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
93e1d5a4de972fb0bf33df288d171637_JaffaCakes118

Files

93e1d5a4de972fb0bf33df288d171637_JaffaCakes118
.exe windows:4 windows x86 arch:x86

45f69b2cb880ff7ad7d80482520d2aea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
GetStdHandle
LoadLibraryExA
RaiseException
GlobalFree
GetLogicalDrives
HeapCreate
SetErrorMode
Sleep
LockResource
CloseHandle
GetSystemDirectoryA
GetLastError
GetFileAttributesExA
EnterCriticalSection
GetACP
GetLocaleInfoA
GlobalAddAtomA
VirtualProtect
GetCommandLineA
GlobalAddAtomA

user32

GetFocus
wsprintfA
GetWindow
GetWindowTextA
FlashWindowEx
GetCursorPos
IsIconic
GetParent
FrameRect
BeginPaint
DrawTextA
GetClassNameA
FillRect
ReleaseDC
ValidateRect
ShowWindow
SetForegroundWindow
EndPaint
GetActiveWindow

httpapi

HttpAddFragmentToCache
HttpCreateHttpHandle
HttpAddUrl
HttpTerminate
HttpInitialize

winhttp

WinHttpOpen

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ