c9750161eb17d29d08217c760a94e2c8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c9750161eb17d29d08217c760a94e2c8_JaffaCakes118
Size

316KB
MD5

c9750161eb17d29d08217c760a94e2c8
SHA1

91580378a92428282e21d4eb3bcb493d83eeb1cd
SHA256

2937d3bad4a5b0de8672d3b6308fbc5aded52ab3e6fafb63ea6fef79084beab2
SHA512

8b3c75d785f0723e0aadff84b435e7d0ace20a13b7d8cce2113d7190397bee65c74b5803d0bfa40cfa571d9b23aad9f7b40f6b0e8b11336d88dc7bb0ea4e7915
SSDEEP

6144:h8BmLHC9+7SxhjmqsfGCIUZXiwRlDzgnJOGHhZ9al5YgvysriJOh:h6h5mf3I2iwDzgn3Y5h6sriJ2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c9750161eb17d29d08217c760a94e2c8_JaffaCakes118

Files

c9750161eb17d29d08217c760a94e2c8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

19c77a4f77b567c1690fae441defc8d9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileA
EnterCriticalSection
CloseHandle
GetLocaleInfoA
GetSystemDirectoryA
ResetEvent
HeapCreate
GlobalFree
GetStdHandle
GetCommandLineA
ReleaseMutex
Sleep
VirtualProtect
SetErrorMode
RaiseException
LoadLibraryExA
GetLastError
GetACP
SetEvent
GetLogicalDrives
InterlockedExchange

user32

GetActiveWindow
ReleaseDC
GetCursorPos
GetWindow
FlashWindowEx
EndPaint
wsprintfA
BeginPaint
IsIconic
FillRect
FrameRect
SetForegroundWindow
GetClassNameA
ShowWindow
GetParent
DrawTextA
ValidateRect
GetFocus
GetWindowTextA

httpapi

HttpTerminate
HttpAddFragmentToCache
HttpAddUrl
HttpCreateHttpHandle
HttpInitialize

winhttp

WinHttpOpen

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ