a4f34818597923c1ab056ce9c798b23f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a4f34818597923c1ab056ce9c798b23f_JaffaCakes118
Size

415KB
MD5

a4f34818597923c1ab056ce9c798b23f
SHA1

e46fe831d16f234229729a539d0fa50413d779a3
SHA256

b678a30c8251190bd7eb118733eefbcdd6639dc6dce1004cc60dcf06ca31f6de
SHA512

3eb3ade7e43f41509ec016eed2ff188b2c0d4e3c16ee730ed5c97cd200d50b3b9aa0da8d24a812d50e77a88aed0d95cfc1d4f8e6a78e8136db682950aea84f85
SSDEEP

6144:L1ojUwD3TilJTq4y+ydvMQp7Tmd7xG8twYU42vw:LKowTWTq4yzd/tS7U8tEn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a4f34818597923c1ab056ce9c798b23f_JaffaCakes118

Files

a4f34818597923c1ab056ce9c798b23f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

67e0da64c9a5628a8a22274dfeb0c474

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
GetCommandLineA
GlobalDeleteAtom
SetErrorMode
GlobalFree
Sleep
InterlockedExchange
LockResource
VirtualProtect
CloseHandle
GetLocaleInfoA
HeapCreate
GetLogicalDrives
EnterCriticalSection
GlobalAddAtomA
GetFileAttributesA
GetACP
LoadLibraryExA
GetLastError
RaiseException
GetSystemDirectoryA

user32

ValidateRect
GetParent
FrameRect
GetMenuItemInfoA
wsprintfA
GetCursorPos
DrawEdge
GetWindow
EndPaint
GetFocus
BeginPaint
IsIconic
GetWindowTextA
GetClassNameA
ReleaseDC
ShowWindow
GetActiveWindow
DrawTextA
SetForegroundWindow

httpapi

HttpInitialize
HttpCreateHttpHandle
HttpTerminate
HttpRemoveUrl
HttpAddUrl

wshtcpip

WSHNotify

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ