bb7288c6f4e56a4a24426221d8714513_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bb7288c6f4e56a4a24426221d8714513_JaffaCakes118
Size

41KB
MD5

bb7288c6f4e56a4a24426221d8714513
SHA1

bc1808f1c615a851b100346f1da162041ab884e2
SHA256

3176c944dfe5d70acfe80c48727e35b45f7c65c0ca3cff8f6abab7bfffc4d04b
SHA512

c9aead85c64d5dce75a43a336394f580262a9d913adfc6cbf57dd3aa68ab5733e8a89299291ec01a1e6b48bdd896f65b9a94d04b7ed619532a0d54610980ce32
SSDEEP

768:Gk2vpKsSLZZGjQtVWSRQmUn+2qRMWeQh3u/XS+apD6Tm79fcy:GPpLSLXt0SRQmIqRMWeYmxaim79fh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb7288c6f4e56a4a24426221d8714513_JaffaCakes118

Files

bb7288c6f4e56a4a24426221d8714513_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5bbdf63e87d9d4b34aec7271c5204c29

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
InterlockedExchange
GlobalAddAtomA
GlobalFree
LockResource
LoadLibraryExA
GetACP
HeapCreate
EnterCriticalSection
VirtualProtect
SetErrorMode
GetDriveTypeA
SetConsoleCP
RaiseException
Sleep
GetStdHandle
GlobalDeleteAtom
GetLastError
GlobalUnlock
GetLocaleInfoA
FoldStringA

user32

SetForegroundWindow
ClipCursor
EndPaint
GetParent
BeginPaint
GetClassNameA
ReleaseDC
GetCursorPos
ShowWindow
DrawTextA
GetMenuItemInfoA
GetWindow
GetFocus
GetWindowTextA
DrawEdge
ValidateRect
IsIconic
CharToOemBuffA
GetActiveWindow

version

GetFileVersionInfoSizeA
VerInstallFileA
VerFindFileA
GetFileVersionInfoA
VerQueryValueA

rasadhlp

WSAttemptAutodialName

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ