ac0110f7bb99ad66902ea9e895b904a4_JaffaCakes118 | Triage

Sharing

General

Target

ac0110f7bb99ad66902ea9e895b904a4_JaffaCakes118
Size

317KB
MD5

ac0110f7bb99ad66902ea9e895b904a4
SHA1

1adec135cacdaa8a6d4140ffc8300ce1315b182b
SHA256

187266f6eaa1823286ccaa8acbd06a9eff58337fad92f23cc75b3e4f620f414f
SHA512

a0b623a8ef0d1f639b275fe126171f178f6b938b6d49778971e6f0c96e12ff7d47278d1f09495aa791a29a84440ec8038ec1abf3a96d5874ccfa929c06fcc3d8
SSDEEP

6144:pHHIeC/4nXA13lwjbjHMGcnr6hDLCF1bzzFD5BrOSMInBOwUsD1N:pH5nX5Hrlcnr6hDLstzzYSMaBOwUsRN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac0110f7bb99ad66902ea9e895b904a4_JaffaCakes118

Files

ac0110f7bb99ad66902ea9e895b904a4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

13611997ebb3a105a344a9d399a543bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
EnterCriticalSection
FreeConsole
RaiseException
GlobalUnlock
DeleteAtom
GlobalAddAtomA
IsBadCodePtr
CloseHandle
SetConsolePalette
GetStdHandle
LoadResource
VirtualProtect
GetOEMCP
WriteProfileStringA
GlobalFree
GlobalAddAtomA
LocalFree
LoadLibraryExA
GetLastError
lstrcat

user32

GetClassNameA
DrawEdge
GetActiveWindow
ReleaseDC
AlignRects
BeginPaint
GetFocus
GetForegroundWindow
GetWindow
GetWindowTextLengthA
ValidateRect
CloseWindow
GetClassInfoExA
IsIconic
GetWindowTextA
GetParent
GetDC
EndPaint
ShowWindow

mprapi

MprAdminUserGetInfo
MprAdminUserClose
MprAdminUserWrite
MprAdminUserOpen
MprAdminUserRead

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ