a18abb64615b49a2af012b85188cf80f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a18abb64615b49a2af012b85188cf80f_JaffaCakes118
Size

415KB
MD5

a18abb64615b49a2af012b85188cf80f
SHA1

aa9e192129850bafbbf6e3b2975e4d1057af6380
SHA256

404a1910246074daa3884c499856c86054fc806ad435487e88b2b339b092ad3d
SHA512

ef14fcaaa9dc73b9e48047aa6cdf13d9c407f810cfccdd33263f5d36066bff9e6a5c925d295ba839d520e2d51e6fd90af7e25965a475e24d2a414ab936b5ce91
SSDEEP

6144:j1ojUwD3TilJTq4y+ydvMQp7Tmd7xG8twYU42vw:jKowTWTq4yzd/tS7U8tEn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a18abb64615b49a2af012b85188cf80f_JaffaCakes118

Files

a18abb64615b49a2af012b85188cf80f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c7cfb548c15ac3d008616f3e5aa912d1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
GetACP
HeapCreate
RaiseException
Sleep
LoadLibraryExA
GetCommandLineA
LockResource
GlobalAddAtomA
GetFileAttributesA
GlobalFree
GetLogicalDrives
CloseHandle
SetErrorMode
GetSystemDirectoryA
GetLocaleInfoA
InterlockedExchange
VirtualProtect
GetLastError
GetStdHandle
GlobalDeleteAtom

user32

GetMenuItemInfoA
GetActiveWindow
IsIconic
wsprintfA
GetFocus
BeginPaint
ValidateRect
GetClassNameA
ReleaseDC
GetCursorPos
EndPaint
FrameRect
GetParent
DrawEdge
DrawTextA
GetWindow
SetForegroundWindow
GetWindowTextA
ShowWindow

httpapi

HttpRemoveUrl
HttpTerminate
HttpInitialize
HttpAddUrl
HttpCreateHttpHandle

wshtcpip

WSHNotify

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ