d57a1d4a6bf8afd14b05b445eac5fdb7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d57a1d4a6bf8afd14b05b445eac5fdb7_JaffaCakes118
Size

338KB
MD5

d57a1d4a6bf8afd14b05b445eac5fdb7
SHA1

431f8cafb232011e4ccb76060abc90a676806740
SHA256

c4055032aa3aa045bf2bd53c56dcb0661f56d3500065bd3b40f4799cdcff9eb4
SHA512

9d11bc7a31d70c80ad98e0eea1c47a4b99ed5b9480d95157a87a602e91d5f69e14fbc2cc135901aec3aa83fdb01ac1aaac04c9ff95a395cbf77aa115260171db
SSDEEP

6144:UFlFNDJInhDMNraScVCwyZ5Qp/i7ous5BpPzdIMYnaDzsJj:UFlFNJC+265QpiMF/dIPaPsJj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d57a1d4a6bf8afd14b05b445eac5fdb7_JaffaCakes118

Files

d57a1d4a6bf8afd14b05b445eac5fdb7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

51a49a8584fa795705d38a9a1b389acd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
OpenMutexA
LoadLibraryExA
VirtualProtectEx
IsBadReadPtr
GetLastError
CreateEventA
CloseHandle
FreeEnvironmentStringsA
lstrlenA
FindClose
GlobalLock
GlobalUnlock
LocalFree
GetConsoleCP
ResumeThread
GetSystemTime
GetStdHandle
IsBadStringPtrA
GetModuleHandleA

user32

CreateWindowExA
ClipCursor
IsMenu
RedrawWindow
GetMessageA
GetDlgItemTextA
SetFocus
GetMessageA
EndDialog
DialogBoxParamA
IsIconic
GetSubMenu
CheckMenuItem
DrawIconEx

wldap32

ldap_delete
ldap_compare
ldap_add
cldap_open
ldap_unbind

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ