d208588406f882080bd3e71555b9c596_JaffaCakes118 | Triage

Sharing

General

Target

d208588406f882080bd3e71555b9c596_JaffaCakes118
Size

312KB
MD5

d208588406f882080bd3e71555b9c596
SHA1

9d38308daad2f1851ebba62b467579acc69d724d
SHA256

744362079c9e91684cd7be038bd0b97e49452e92d52318d9c64a8abff062d578
SHA512

74ff120719677fed246a9376a358e96dfe8b2e3525661b5d3a4f01d83589dfa596d709f673f7387d7dc49724a9a9f15d448f7a61aba57ee443e051f378132464
SSDEEP

6144:Dd+NsHYcfGkNdCEW/gh95Re3YIAR6y0SROGN+4PrVAuJq:Dd+uH3fGoCEW/49zwdGI4PrVAQq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d208588406f882080bd3e71555b9c596_JaffaCakes118

Files

d208588406f882080bd3e71555b9c596_JaffaCakes118
.exe windows:4 windows x86 arch:x86

60bf01a28a1deb998d3037f2e24e52f2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeA
CloseHandle
GlobalDeleteAtom
LockResource
VirtualProtect
SetConsoleOutputCP
GetStdHandle
EnterCriticalSection
GetLocaleInfoA
GetACP
LoadLibraryExA
Sleep
SetErrorMode
InterlockedExchange
FileTimeToLocalFileTime
GlobalFree
GetLastError
HeapCreate
IsBadReadPtr
GlobalAddAtomA
RaiseException

user32

IsIconic
GetCursorPos
BeginPaint
GetParent
GetClassNameA
GetMenuItemInfoA
ReleaseDC
GetActiveWindow
GetWindow
DrawEdge
ValidateRect
wsprintfA
SetForegroundWindow
GetFocus
ShowWindow
GetWindowTextA
ClipCursor
EndPaint
DrawTextA

httpapi

HttpCreateHttpHandle
HttpRemoveUrl
HttpInitialize
HttpAddUrl
HttpTerminate

msutb

GetPopupTipbar

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ