c01417ff032e01ad0adcf7ed3fd1bafe_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c01417ff032e01ad0adcf7ed3fd1bafe_JaffaCakes118
Size

427KB
MD5

c01417ff032e01ad0adcf7ed3fd1bafe
SHA1

bf04482449b7d7473694004457dd2fdc68ef568b
SHA256

c07bdabae6c7dfc5579b99e5c8ff1bdbb4abe3d8cf18ac43bdcb3d751ac16aea
SHA512

d45287b3cf9ef543e87d37234b7bff2858a0d2cd7192b507bd3bf779f6fdff586e08831051d68c9bdd20a09220b24cc1118007363350917b73d305ca2d128588
SSDEEP

6144:0lcwuO3NYDsNAdnQWMAN6l5yjiqXRZtWpfvxs5kiha0Al3EsRy2LaQt:0c7O3N50BMukyHgG51A5WQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c01417ff032e01ad0adcf7ed3fd1bafe_JaffaCakes118

Files

c01417ff032e01ad0adcf7ed3fd1bafe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5999d6137ac16d91513d4390dcfd50d3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleCP
EnterCriticalSection
LockResource
GlobalAddAtomA
FoldStringA
CloseHandle
GlobalFree
VirtualProtect
GetLastError
GlobalDeleteAtom
LoadLibraryExA
GetACP
GetDriveTypeA
Sleep
RaiseException
GetLocaleInfoA
GetStdHandle
GlobalUnlock
InterlockedExchange
HeapCreate
SetErrorMode

user32

ValidateRect
SetForegroundWindow
IsIconic
DrawTextA
GetWindow
GetMenuItemInfoA
DrawEdge
ReleaseDC
GetActiveWindow
GetFocus
GetWindowTextA
ShowWindow
ClipCursor
GetClassNameA
CharToOemBuffA
EndPaint
GetParent
GetCursorPos
BeginPaint

version

GetFileVersionInfoSizeA
VerFindFileA
GetFileVersionInfoA
VerInstallFileA
VerQueryValueA

rasadhlp

WSAttemptAutodialName

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 704KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ