ad2a00c8ffb83a2445a98737f5d8d15e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ad2a00c8ffb83a2445a98737f5d8d15e_JaffaCakes118
Size

193KB
MD5

ad2a00c8ffb83a2445a98737f5d8d15e
SHA1

269c0ef7cb2ede7ed6385227e327d618684145d0
SHA256

08972ca2f7a7802ee69b809234468a2dbd462351471c35e714acb497240b22db
SHA512

fb8fab85cb1c9e9bbff7016a5acb185515160834ed1e7aabf5a059b90aff4cd9dd0ddbf162af7f4137523455edabfb081acf63f791b559c0f361944dbfe6fc13
SSDEEP

3072:IIM+mUZvWdOnI/Hij3s9zBVnIUiNg86+7rYuaVxN9PXchOMW6WIuejU5:Iaet/H+3s9zn/oroVxNMO51ejU5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad2a00c8ffb83a2445a98737f5d8d15e_JaffaCakes118

Files

ad2a00c8ffb83a2445a98737f5d8d15e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

84d855a8c3abed8cf76fe2662c3a68d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
SetErrorMode
GetDriveTypeA
GetLocaleInfoA
LoadLibraryExA
GetStdHandle
HeapCreate
Sleep
VirtualProtect
GetLastError
GlobalFree
GlobalDeleteAtom
LockResource
InterlockedExchange
CloseHandle
FoldStringA
SetConsoleCP
EnterCriticalSection
GetACP
GlobalUnlock
GlobalAddAtomA

user32

CharToOemBuffA
BeginPaint
GetCursorPos
IsIconic
GetActiveWindow
ClipCursor
GetFocus
GetClassNameA
DrawTextA
DrawEdge
SetForegroundWindow
GetMenuItemInfoA
ValidateRect
ReleaseDC
GetWindow
ShowWindow
GetParent
EndPaint
GetWindowTextA

version

VerFindFileA
VerQueryValueA
VerInstallFileA
GetFileVersionInfoSizeA
GetFileVersionInfoA

rasadhlp

WSAttemptAutodialName

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 764KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ