adbf1eb54b8132eb1117610f7b2e3848_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

adbf1eb54b8132eb1117610f7b2e3848_JaffaCakes118
Size

427KB
MD5

adbf1eb54b8132eb1117610f7b2e3848
SHA1

627d0c67d1afdb6d3b51af7b8d5eda5cfdf65803
SHA256

022496b8987df360c883452a2fbde7672270d74485587fb63133edb2bfee5aec
SHA512

7ac1a8e005507903ae801bf71f8859c5dbfda622597119a3a35b52f4e848176c3801470ae897b68d271a8400d85aa3aaeebc2e91dd7c5b05dba5cb13b8d9c39d
SSDEEP

6144:pNcwuO3NYDsNAdnQWMAN6l5yjiqXRZtWpfvxs5kiha0Al3EsRy2LaQt:pNc7O3N50BMukyHgG51A5WQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
adbf1eb54b8132eb1117610f7b2e3848_JaffaCakes118

Files

adbf1eb54b8132eb1117610f7b2e3848_JaffaCakes118
.exe windows:4 windows x86 arch:x86

123b50ce58d32457889640167b74a1b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetACP
LockResource
GlobalDeleteAtom
InterlockedExchange
RaiseException
EnterCriticalSection
GlobalUnlock
GetLastError
VirtualProtect
GlobalAddAtomA
LoadLibraryExA
GetLocaleInfoA
HeapCreate
GetStdHandle
SetConsoleCP
GlobalFree
FoldStringA
CloseHandle
GetDriveTypeA
SetErrorMode

user32

GetParent
GetWindowTextA
DrawTextA
GetMenuItemInfoA
BeginPaint
GetActiveWindow
ShowWindow
GetFocus
ReleaseDC
ValidateRect
DrawEdge
ClipCursor
IsIconic
EndPaint
CharToOemBuffA
GetCursorPos
SetForegroundWindow
GetClassNameA
GetWindow

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerFindFileA
VerQueryValueA
VerInstallFileA

rasadhlp

WSAttemptAutodialName

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 704KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ