a11499d143da16a0151aadf71159032b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a11499d143da16a0151aadf71159032b_JaffaCakes118
Size

44KB
MD5

a11499d143da16a0151aadf71159032b
SHA1

8e00c86dc695394cc0dcc53777ac084594dd5d3c
SHA256

24b82d06f74bea60020a4dfad6fcaf3a25807ef9478aa1374e9afbd3c3705e8e
SHA512

f90fe76007dc115b4b73f32e5871fc254f570a1497dd450aec574e317e31b02426c46e6e897ed1820531a51323a0d1dda267631026ec3fd55dc640de7cbfee40
SSDEEP

384:jEv821cPAcNeLNek+vDFYn0OL+UKwZneDi0v95G38LJkZEIxcTJnVFPFH6FyesuT:jMn1ZDLTT1295G38tkZEIKTJVtydwkSg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a11499d143da16a0151aadf71159032b_JaffaCakes118

Files

a11499d143da16a0151aadf71159032b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e18bcac9036c2c04167a2c43b92a6103

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadCodePtr
LoadLibraryExA
GetConsoleCP
lstrlenA
ResumeThread
GetSystemTime
GetACP
GlobalLock
GetModuleHandleA
FreeEnvironmentStringsA
CloseHandle
GlobalUnlock
GetStdHandle
IsBadReadPtr
CreateEventA
OpenMutexA
VirtualAlloc
LocalFree
GetLastError
FindClose

user32

GetSubMenu
DialogBoxParamA
GetDlgItemTextA
SetFocus
GetMessageA
IsIconic
EndDialog
IsMenu
ClipCursor
CreateWindowExA
CheckMenuItem
RedrawWindow
GetMessageA
DrawIconEx

wldap32

ldap_delete
ldap_unbind
ldap_compare
cldap_open
ldap_add

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ