a7e0f11418191cd9a9c499372fd00596_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a7e0f11418191cd9a9c499372fd00596_JaffaCakes118
Size

448KB
MD5

a7e0f11418191cd9a9c499372fd00596
SHA1

acea0387e54f40d30c1975e0fd970dec0d632d79
SHA256

092f870e03bc1dcb05178798d20eed97261dfc4e04287a79926c02a7e5542c94
SHA512

6a503f0c5be44eb3d1d0792541b140e580a957337009e462457e1ce48e89cf5b5b792d302df6b31716ea636d59378f9b96e55c266d3f01c1d4d326446f67d8d8
SSDEEP

6144:8O0VwBRjG6bAG7o5jo0FKoVDmWVTSumSOeOI1+BiA4w4JsaYEasGHytD46vb:8Ouekq03EaTJOeOI4iAP4JsaCnylvb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7e0f11418191cd9a9c499372fd00596_JaffaCakes118

Files

a7e0f11418191cd9a9c499372fd00596_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5ac49c9f9b8682c8de609963d0cc575d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
InterlockedExchange
GetStdHandle
GlobalFree
SetConsoleCP
GetACP
GlobalUnlock
GetDriveTypeA
EnterCriticalSection
FoldStringA
LockResource
GlobalAddAtomA
GlobalDeleteAtom
LoadLibraryExA
RaiseException
GetLocaleInfoA
VirtualProtect
SetErrorMode
CloseHandle
GetLastError
HeapCreate

user32

ValidateRect
GetFocus
ShowWindow
IsIconic
EndPaint
ReleaseDC
GetParent
CharToOemBuffA
SetForegroundWindow
GetMenuItemInfoA
GetClassNameA
GetWindow
GetWindowTextA
DrawEdge
GetActiveWindow
DrawTextA
ClipCursor
GetCursorPos
BeginPaint

version

VerInstallFileA
VerFindFileA
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

rasadhlp

WSAttemptAutodialName

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ