a697c2c64ce2e9762793df8b955f8b89_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a697c2c64ce2e9762793df8b955f8b89_JaffaCakes118
Size

17KB
MD5

a697c2c64ce2e9762793df8b955f8b89
SHA1

c9103ac3de5662f9a2a2166d7a24de99eb23de46
SHA256

afd81ebbc708caee46d8370b9c609a9f6fafaa624cf7b74312384d891c52d2c3
SHA512

598d016f01a96b0320ec351ae0e6a4b08508d717f9c2e5beb263dabcf6233b54b9c8603a8578ce347c0c879f80964b62c47f7d33677710893cb2f6827d2261d0
SSDEEP

192:CBoiCLbRCOpsPI1r1lA5Rg1m/pzpHTkf3wHZfrpxDGTUxUOilPAN0DgHh:ViaXsPI1r1yIOpzpzkvwH9HG4xA2s8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a697c2c64ce2e9762793df8b955f8b89_JaffaCakes118

Files

a697c2c64ce2e9762793df8b955f8b89_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7efe07134bc623d31c241a67a1ab8b9d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPriorityClass
GlobalUnlock
LoadLibraryExA
HeapCreate
CloseHandle
GetTimeFormatA
GetLastError
GlobalAddAtomA
SizeofResource
lstrcpyA
LockResource
InitAtomTable
GlobalDeleteAtom
SetConsoleCP
GlobalFree
GetStdHandle
VirtualProtect
GetACP
SetErrorMode
EnterCriticalSection
RaiseException

user32

GetClassNameA
GetActiveWindow
GetDC
GetClassInfoExA
AnyPopup
GetWindowTextA
ReleaseDC
BeginPaint
GetForegroundWindow
ShowWindow
GetWindow
CloseWindow
GetParent
GetWindowTextLengthA
DrawEdge
GetFocus
EndPaint
ValidateRect
IsIconic

mprapi

MprAdminUserRead
MprAdminUserOpen
MprAdminUserClose
MprAdminUserWrite
MprAdminUserGetInfo

mapi32

MAPILogonEx

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ