ab8b5f0f4f3ca658fef2e5266af76b56_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab8b5f0f4f3ca658fef2e5266af76b56_JaffaCakes118
Size

415KB
MD5

ab8b5f0f4f3ca658fef2e5266af76b56
SHA1

4e723b9a3575b1e92350a48977b1f525b4269d60
SHA256

c7e5ea665031ab17a99700adfc73d89cd4b12388b9992b72a5579e6ada1f9d6e
SHA512

c543be561f468e8b9b58408597e883797da24a70520c500bf72c9d42d5b58d40c8e7674e1537ceae1fa07a18bc4aa0f10f2f378f1a33f954d4eec775d80f64fb
SSDEEP

12288:3Z6TIoft2yugll2jnAaeX6mXM3W4/Plf:3Z6glQlCn0X6X3WoNf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab8b5f0f4f3ca658fef2e5266af76b56_JaffaCakes118

Files

ab8b5f0f4f3ca658fef2e5266af76b56_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4599a8279e467212cbfdac455281c6e5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
GlobalAddAtomA
Sleep
GetLastError
GlobalDeleteAtom
LockResource
EnterCriticalSection
RaiseException
SetErrorMode
GetLogicalDrives
GetACP
GlobalFree
GetCommandLineA
GetStdHandle
VirtualProtect
IsBadReadPtr
GetLocaleInfoA
FileTimeToLocalFileTime
HeapCreate
LoadLibraryExA
CloseHandle

user32

FrameRect
ReleaseDC
GetWindowTextA
BeginPaint
DrawTextA
ShowWindow
GetFocus
SetForegroundWindow
IsIconic
GetWindow
GetMenuItemInfoA
GetCursorPos
GetClassNameA
DrawEdge
wsprintfA
GetParent
GetActiveWindow
ValidateRect
EndPaint

httpapi

HttpAddUrl
HttpInitialize
HttpCreateHttpHandle
HttpTerminate
HttpRemoveUrl

msutb

GetPopupTipbar

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ