bad249af5f197abc9ea39342c6fb6706_JaffaCakes118 | Triage

Sharing

General

Target

bad249af5f197abc9ea39342c6fb6706_JaffaCakes118
Size

312KB
MD5

bad249af5f197abc9ea39342c6fb6706
SHA1

dd034c524ceb805129b71bb35b933da456ba439f
SHA256

46175400096e212b767a7f93a99994c7a5bc5fc786688acdbd4ab7076ce04716
SHA512

71e774a62045e81dbaa4b2130085b98abe3e47b48fd9453d52dfddd99055357ba315563d3a70ee7881ffb521600afe92d9350c79dd73b62c084abc14a464e103
SSDEEP

6144:MB4U8SZ6FFZGjaCLoOAG99sAEa4LZtz5ft13ZC11b2+Lh+679+y7Ul/WtBB+Wxa:NjCmFLCLXiAMN5l1k11b225l7Uy+U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bad249af5f197abc9ea39342c6fb6706_JaffaCakes118

Files

bad249af5f197abc9ea39342c6fb6706_JaffaCakes118
.exe windows:4 windows x86 arch:x86

04fa5c2f7cebcdf6ec9dff71be680f19

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
GetLocaleInfoA
GetLogicalDrives
GetStdHandle
CloseHandle
ReleaseMutex
Sleep
InterlockedExchange
GetLastError
FindFirstFileA
ResetEvent
GetCommandLineA
SetErrorMode
SetEvent
HeapCreate
GetSystemDirectoryA
EnterCriticalSection
VirtualProtect
GlobalFree
GetACP
RaiseException

user32

GetCursorPos
SetForegroundWindow
wsprintfA
DrawTextA
GetWindowTextA
BeginPaint
GetClassNameA
FlashWindowEx
ShowWindow
ValidateRect
FrameRect
GetActiveWindow
ReleaseDC
FillRect
GetParent
GetFocus
EndPaint
IsIconic
GetWindow

httpapi

HttpCreateHttpHandle
HttpAddUrl
HttpAddFragmentToCache
HttpTerminate
HttpInitialize

winhttp

WinHttpOpen

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ