95fd4394bee38225c2bf69effc2d831c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

95fd4394bee38225c2bf69effc2d831c_JaffaCakes118
Size

415KB
MD5

95fd4394bee38225c2bf69effc2d831c
SHA1

1d33ecfd3dcad482bf321d4d10f38b4c165ab3b1
SHA256

2dcc917917a39f10d9dff9f7a1d2a4ea6d574cd2b0aea3f0601b4a4fbe945cff
SHA512

c41278dec2e80fb7e26436e3a67e182e595b38f7c74248f6b088c80141cbec42af83c459d597373c132d16f57698a92df2dd57770179907383aed18f3c24c081
SSDEEP

12288:rXZ6TIoft2yugll2jnAaeX6mXM3W4/Plf:rZ6glQlCn0X6X3WoNf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95fd4394bee38225c2bf69effc2d831c_JaffaCakes118

Files

95fd4394bee38225c2bf69effc2d831c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

24285bb2b443508799d444043ac8adb8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAddAtomA
GetLogicalDrives
GetLocaleInfoA
GlobalFree
EnterCriticalSection
GlobalDeleteAtom
GetStdHandle
GetLastError
Sleep
SetErrorMode
IsBadReadPtr
VirtualProtect
CloseHandle
InterlockedExchange
HeapCreate
LoadLibraryExA
RaiseException
GetACP
LockResource
FileTimeToLocalFileTime
GetCommandLineA

user32

IsIconic
SetForegroundWindow
ShowWindow
GetWindow
GetParent
ReleaseDC
GetMenuItemInfoA
EndPaint
wsprintfA
GetFocus
BeginPaint
GetActiveWindow
DrawEdge
GetCursorPos
GetWindowTextA
DrawTextA
ValidateRect
FrameRect
GetClassNameA

httpapi

HttpRemoveUrl
HttpInitialize
HttpAddUrl
HttpCreateHttpHandle
HttpTerminate

msutb

GetPopupTipbar

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ