cf36c8be2238dd947165ac8cde1d54a0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cf36c8be2238dd947165ac8cde1d54a0_JaffaCakes118
Size

321KB
MD5

cf36c8be2238dd947165ac8cde1d54a0
SHA1

1a0fb4b36da444f024d95474c2b76e09e3d012e9
SHA256

2c8aeed79bcf5517dac9d7940654069c42b7f1e3dddbcd9060b5b7dfa69abdb0
SHA512

95ed3cd8af326916f93ec07eda880d6f4366be29e14734ed4289a506d5e2fdcf8ffe3bf3d8c236c30605c352b8bd6a2a50c85df34377f92f5cd62f762a34e548
SSDEEP

6144:LcwuO3NYDsNAdnQWMAN6l5yjiqXRZtWpfvxs5kiha0Al3EsRy2LaQtw:Lc7O3N50BMukyHgG51A5WQy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf36c8be2238dd947165ac8cde1d54a0_JaffaCakes118

Files

cf36c8be2238dd947165ac8cde1d54a0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e4d9a1b4f1a116e2824e12c0b62e8118

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
Sleep
VirtualProtect
CloseHandle
FoldStringA
GetLocaleInfoA
GetACP
EnterCriticalSection
GlobalDeleteAtom
GlobalFree
SetConsoleCP
GetDriveTypeA
RaiseException
InterlockedExchange
HeapCreate
SetErrorMode
GlobalAddAtomA
LockResource
GetStdHandle
GlobalUnlock
GetLastError

user32

SetForegroundWindow
GetActiveWindow
GetClassNameA
CharToOemA
GetParent
ValidateRect
EndPaint
GetCursorPos
GetWindowTextA
DrawTextA
IsIconic
ReleaseDC
GetMenuItemInfoA
ShowWindow
GetWindow
DrawEdge
GetFocus
BeginPaint
ClipCursor

version

GetFileVersionInfoA
VerQueryValueA
VerLanguageNameA
GetFileVersionInfoSizeA
VerFindFileA

rasadhlp

WSAttemptAutodialName

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 704KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ