a6a7f6389c79b4e1e53ee30f5483677a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a6a7f6389c79b4e1e53ee30f5483677a_JaffaCakes118
Size

72KB
MD5

a6a7f6389c79b4e1e53ee30f5483677a
SHA1

00a0123d7079b9952f798d10dcdcc236ab7dabcf
SHA256

114b0bfebb49467c737d78308e07dc8c1897c6a58f60dde414c3964834b7e534
SHA512

404b1bd55f78925a5a47d17b695bfbabb2574a9c6f9d18041a0ab66507fd3c8ebadbc411dd0e6f9eb721156561e8d337bd6165d700099e8e5de7fe67854e3096
SSDEEP

1536:uWANIjlVHDxn5ODQJLw183AnH/LkSKdHUdJ9H3M51ecvDU+x7y6VEMTycMx:uWOsdxna8tmTpK5UlHcbeiBxbTo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a6a7f6389c79b4e1e53ee30f5483677a_JaffaCakes118

Files

a6a7f6389c79b4e1e53ee30f5483677a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

869b1c859d5f6faf88a62f2a517303f8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeFormatA
CloseHandle
MultiByteToWideChar
VirtualProtect
GetACP
GlobalFree
HeapCreate
LoadLibraryExA
EnterCriticalSection
GlobalUnlock
SetErrorMode
GetStdHandle
SizeofResource
RaiseException
GetPriorityClass
GlobalDeleteAtom
LockResource
SetConsoleCP
GlobalAddAtomA
GetLastError
Sleep

user32

EndPaint
GetCursorPos
GetFocus
ReleaseDC
BeginPaint
GetClassInfoExA
AnyPopup
ValidateRect
IsIconic
DrawEdge
DrawMenuBar
GetForegroundWindow
GetActiveWindow
GetWindow
ShowWindow
GetMenuItemInfoA
GetParent
GetWindowTextA
GetClassNameA

mprapi

MprAdminUserClose
MprAdminUserWrite
MprAdminUserRead
MprAdminUserGetInfo
MprAdminUserOpen

mapi32

MAPILogonEx

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ