cfa56c4d1fe9b5ad75d73157b7f6acde_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cfa56c4d1fe9b5ad75d73157b7f6acde_JaffaCakes118
Size

338KB
MD5

cfa56c4d1fe9b5ad75d73157b7f6acde
SHA1

d6003f4856944e1cbb782ec790ea6a4b12bb1c34
SHA256

c727cfa70a3fdf396713dd6d8a30abe75db6136cb10b4701172c20376989c6bd
SHA512

584a6810408098eaefab9987e712b46064e688ba693a33e41fb7c848a3530a4614594069c6920a248e42607bb77a90c5f840f0d761047835cb404c71fae779c7
SSDEEP

6144:Vnc64DCtD752cycYt4Tl9HSw4T2xmEKhDYfJE9kfIy4jNYoZooqwNgk:VcdK75tHYt4rj4TCxDfIyUjodk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfa56c4d1fe9b5ad75d73157b7f6acde_JaffaCakes118

Files

cfa56c4d1fe9b5ad75d73157b7f6acde_JaffaCakes118
.exe windows:4 windows x86 arch:x86

84a294a20e744d12eae6b9b8fd292ceb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
GetCurrentThread
FindClose
CreateIoCompletionPort
WaitForSingleObject
GetTapeStatus
LoadLibraryExA
InterlockedExchange
GetCurrentProcessId
GetACP
GlobalMemoryStatus
GetStdHandle
GetModuleHandleA
HeapDestroy
GetOEMCP
GetCommandLineA
GetTimeFormatA
IsDebuggerPresent
HeapQueryInformation
VirtualProtect
GetProcessHeap

user32

GetWindowTextLengthA
ShowWindow
GetClassNameA
wsprintfA
FrameRect
SetForegroundWindow
GetParent
ReleaseDC
GetWindow
GetCursorPos
FillRect
DrawTextA
GetFocus
SetActiveWindow
DragDetect
GetDlgItem
GetTitleBarInfo
BeginPaint
EndPaint

gdi32

CloseFigure
CreatePalette
GetClipBox
GetLayout
CreateBitmap

userenv

DeleteProfileA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 780KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ