b20331625c78a5ae6c4dd0ebb0576b19_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b20331625c78a5ae6c4dd0ebb0576b19_JaffaCakes118
Size

427KB
MD5

b20331625c78a5ae6c4dd0ebb0576b19
SHA1

5d21be3ce8370821108b57321c86b81039449b96
SHA256

bbcbbb9896472187ba518760bb4f2726fd029c8b185898edddd04efc894ff8c3
SHA512

7173aee51f35f5eaa8cf9db0e59c4db2c0b32b35867ccf9aa6aa002d031fa1c9cf5c4b10b7779f8fc8e59d5f59d1041f3839ef3a78dfccd2cf06782e833b0c14
SSDEEP

6144:t0cwuO3NYDsNAdnQWMAN6l5yjiqXRZtWpfvxs5kiha0Al3EsRy2LaQt:t0c7O3N50BMukyHgG51A5WQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b20331625c78a5ae6c4dd0ebb0576b19_JaffaCakes118

Files

b20331625c78a5ae6c4dd0ebb0576b19_JaffaCakes118
.exe windows:4 windows x86 arch:x86

41e6685227863f329649f5a8051d721a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
GetLocaleInfoA
HeapCreate
VirtualProtect
EnterCriticalSection
GlobalAddAtomA
LockResource
Sleep
GlobalUnlock
SetConsoleCP
LoadLibraryExA
GlobalDeleteAtom
GetStdHandle
GlobalFree
SetErrorMode
FoldStringA
GetDriveTypeA
RaiseException
GetLastError
CloseHandle
InterlockedExchange

user32

ShowWindow
SetForegroundWindow
ValidateRect
EndPaint
IsIconic
ClipCursor
CharToOemBuffA
DrawTextA
GetMenuItemInfoA
GetFocus
GetClassNameA
BeginPaint
GetActiveWindow
GetCursorPos
GetWindow
DrawEdge
ReleaseDC
GetWindowTextA
GetParent

version

GetFileVersionInfoA
VerInstallFileA
VerFindFileA
VerQueryValueA
GetFileVersionInfoSizeA

rasadhlp

WSAttemptAutodialName

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 704KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ