bb286164f742a82142a2bbfb7cdd29bd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bb286164f742a82142a2bbfb7cdd29bd_JaffaCakes118
Size

639KB
MD5

bb286164f742a82142a2bbfb7cdd29bd
SHA1

0407d8201638e5ab869654c91c03b8378cc1c2d2
SHA256

270cec3442e7e068f3cea101db53685db4b0ab41812547e52752b17785671a17
SHA512

2c473611b17efac44874fa67e855afc0ee90ef53eb7b6e86cbdea84b3d6231b399a9578daf14bedc6e30a855877d57d0dc18a964d5095d69a5e35d5805dfe04a
SSDEEP

12288:gJe/cG76F93bLa65L2NczI9ORdJ8Cer30ZY4QoU25mTjWB+FTYjc:Xca6DLLa6FzI9ORdOCeAZYPtjWB+Fc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb286164f742a82142a2bbfb7cdd29bd_JaffaCakes118

Files

bb286164f742a82142a2bbfb7cdd29bd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

caf5e53dffedadc0a05aa314f54b1b5a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
SetEvent
FindFirstFileA
GetLogicalDrives
GetLastError
CloseHandle
Sleep
InterlockedExchange
GlobalFree
EnterCriticalSection
HeapCreate
GetSystemDirectoryA
RaiseException
ResetEvent
GetLocaleInfoA
VirtualProtect
GetStdHandle
ReleaseMutex
GetCommandLineA
SetErrorMode
GetACP

user32

EndPaint
ValidateRect
SetForegroundWindow
GetCursorPos
GetFocus
BeginPaint
GetWindow
ReleaseDC
FlashWindowEx
FrameRect
DrawTextA
GetActiveWindow
GetWindowTextA
GetClassNameA
ShowWindow
IsIconic
FillRect
GetParent
wsprintfA

httpapi

HttpCreateHttpHandle
HttpAddFragmentToCache
HttpAddUrl
HttpTerminate
HttpInitialize

winhttp

WinHttpOpen

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ