970eba1d86b715e88d6740a066ff2363_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

970eba1d86b715e88d6740a066ff2363_JaffaCakes118
Size

416KB
MD5

970eba1d86b715e88d6740a066ff2363
SHA1

17fbc3c8d0c8a773632a3704f66e0066d368ac6a
SHA256

91a8125e60493c7f74e25dd84389dae207599c6190668295cabd748ff1ba88e1
SHA512

7b2f024f2af7ee402303d87997b0dc1ef65b384f7c1e47b17ade9671e8a39dcb9147561d241f6ad340d66ae19df24205df639abbb9f821cd020eb9aad9c6bd22
SSDEEP

12288:oiZ6TIoft2yugll2jnAaeX6mXM3W4/Plf:bZ6glQlCn0X6X3WoNf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
970eba1d86b715e88d6740a066ff2363_JaffaCakes118

Files

970eba1d86b715e88d6740a066ff2363_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a7339824893e7b2da7477db88aa933d3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
EnterCriticalSection
IsBadReadPtr
LoadLibraryExA
GlobalDeleteAtom
GlobalFree
FileTimeToLocalFileTime
GetACP
HeapCreate
GetLocaleInfoA
LockResource
InterlockedExchange
GlobalAddAtomA
CloseHandle
Sleep
GetStdHandle
VirtualProtect
SetErrorMode
RaiseException
GetLogicalDrives
GetCommandLineA

user32

GetWindow
DrawEdge
FrameRect
ShowWindow
IsIconic
SetForegroundWindow
GetWindowTextA
GetActiveWindow
ReleaseDC
DrawTextA
ValidateRect
wsprintfA
GetClassNameA
GetParent
BeginPaint
GetCursorPos
GetMenuItemInfoA
GetFocus
EndPaint

httpapi

HttpCreateHttpHandle
HttpAddUrl
HttpInitialize
HttpRemoveUrl
HttpTerminate

msutb

GetPopupTipbar

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ