ac3b9bb93f54bd75d9deb3f6c1d4adc5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac3b9bb93f54bd75d9deb3f6c1d4adc5_JaffaCakes118
Size

48KB
MD5

ac3b9bb93f54bd75d9deb3f6c1d4adc5
SHA1

0172124339f10bdd78df23a48d60c8756b877b87
SHA256

2efdb9041674056edba2425d48429302b4e55f1e5687d3544b42936391ca79db
SHA512

dbb2fbbad9b0263793d0a6426f5b9421da39267ee3c47ad85a996ceb57cc008ae406673c0de50c89c4c245741d0bb174ac99fbca7f23ff20d829cc870b101fb2
SSDEEP

1536:WA5cz1uxzW1yxNkHYIyIpCBMWXTGfMUk4:rchuxzDNkHYacBMWDifT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac3b9bb93f54bd75d9deb3f6c1d4adc5_JaffaCakes118

Files

ac3b9bb93f54bd75d9deb3f6c1d4adc5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3dd8c31bd04e5ea199ee8e01a73f40ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAddAtomA
InterlockedExchange
GetLastError
GlobalUnlock
SetConsoleCP
Sleep
SetErrorMode
LoadLibraryExA
GetDriveTypeA
VirtualProtect
CloseHandle
LockResource
EnterCriticalSection
HeapCreate
FoldStringA
GetLocaleInfoA
GlobalFree
GetACP
GlobalDeleteAtom
RaiseException
GetStdHandle

user32

IsIconic
GetWindowTextA
GetFocus
GetClassNameA
SetForegroundWindow
BeginPaint
EndPaint
ShowWindow
ReleaseDC
GetCursorPos
ClipCursor
GetMenuItemInfoA
GetParent
DrawTextA
ValidateRect
CharToOemBuffA
DrawEdge
GetWindow
GetActiveWindow

version

VerInstallFileA
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA
VerFindFileA

rasadhlp

WSAttemptAutodialName

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 740KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ