d991c537d32542b2b2831f6fce149dc0_JaffaCakes118 | Triage

Sharing

General

Target

d991c537d32542b2b2831f6fce149dc0_JaffaCakes118
Size

415KB
MD5

d991c537d32542b2b2831f6fce149dc0
SHA1

4b30dc2b38561851ac9047052e890f19f2fea29a
SHA256

23d513e3e3b43a2da0289daa421314546a27b998c54a2ccff888b7a1e11c9a00
SHA512

e7ab1ea30db2c2234bd78d4b5db5f7fe67a406c7b5a31e8150af652cfddfbb6586fda8808ec447857e51354eaee9352ca7034b8bcc387b6d542d7f0ff5114911
SSDEEP

12288:tZ6TIoft2yugll2jnAaeX6mXM3W4/Plf:tZ6glQlCn0X6X3WoNf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d991c537d32542b2b2831f6fce149dc0_JaffaCakes118

Files

d991c537d32542b2b2831f6fce149dc0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8d84b43af2aebd34b63c4020fddedbf3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetLocaleInfoA
GlobalAddAtomA
FileTimeToLocalFileTime
IsBadReadPtr
GetACP
InterlockedExchange
GetStdHandle
SetErrorMode
LoadLibraryExA
HeapCreate
EnterCriticalSection
Sleep
CloseHandle
GlobalFree
GlobalDeleteAtom
LockResource
GetLogicalDrives
VirtualProtect
GetCommandLineA
RaiseException

user32

GetClassNameA
EndPaint
ReleaseDC
GetCursorPos
FrameRect
GetWindowTextA
DrawEdge
GetMenuItemInfoA
GetWindow
IsIconic
ValidateRect
DrawTextA
BeginPaint
GetFocus
SetForegroundWindow
ShowWindow
wsprintfA
GetParent
GetActiveWindow

httpapi

HttpTerminate
HttpInitialize
HttpAddUrl
HttpRemoveUrl
HttpCreateHttpHandle

msutb

GetPopupTipbar

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ