d17ec4dae62b9648f345e7a739360a7b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d17ec4dae62b9648f345e7a739360a7b_JaffaCakes118
Size

16KB
MD5

d17ec4dae62b9648f345e7a739360a7b
SHA1

5293a679c88b6a7c5333d2b4a3358cfcc6789f58
SHA256

aacb48033b9793169c7f27f8f5b8efd6f2848f52fb1e7f4c06dee5f5c309e1ad
SHA512

1d554be0ee71484c40c3dc5c47207c884d420074255ac1bc9aef256f51e1204580fc712363ff5bb1547f7257ab7895c592ff6773b8e08382e4045b99cd7fadf1
SSDEEP

192:WLFKJGyAkSYSgb23DMxPYgrpt+cNbrAu:W8JPAHDgb6uAg1tzNbrA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d17ec4dae62b9648f345e7a739360a7b_JaffaCakes118

Files

d17ec4dae62b9648f345e7a739360a7b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6bbae224ef311b3b86454951717ea4ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
LoadLibraryExA
GetStdHandle
GetLastError
GetLocaleInfoA
FindFirstFileA
InterlockedExchange
ReleaseMutex
VirtualProtect
GetLogicalDrives
GetSystemDirectoryA
GetCommandLineA
GetACP
SetErrorMode
Sleep
GlobalFree
RaiseException
CloseHandle
ResetEvent
SetEvent
EnterCriticalSection

user32

GetWindowTextA
GetCursorPos
GetWindow
GetActiveWindow
EndPaint
ShowWindow
GetParent
FrameRect
IsIconic
GetFocus
wsprintfA
DrawTextA
BeginPaint
GetClassNameA
FlashWindowEx
ReleaseDC
FillRect
ValidateRect
SetForegroundWindow

httpapi

HttpInitialize
HttpCreateHttpHandle
HttpAddUrl
HttpAddFragmentToCache
HttpTerminate

winhttp

WinHttpOpen

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ