daf6d8e7728bc4fcbac00ed16aa9e1a2_JaffaCakes118 | Triage

Sharing

General

Target

daf6d8e7728bc4fcbac00ed16aa9e1a2_JaffaCakes118
Size

415KB
MD5

daf6d8e7728bc4fcbac00ed16aa9e1a2
SHA1

13279d9dcdfc69da1ecf225d5f24bec06a140a50
SHA256

f5cc10789a156b0d81e640b469303a39aa2e0504b88f70453002c359d6911965
SHA512

aed2c5ccacf7104c4585a2eb318937af33798aad5129d74465fa31a34601970efbcb090ed94897688f065aa56c7cbe5d8fa40a7595be37b8fcb388a5943c0dc7
SSDEEP

12288:tZ6TIoft2yugll2jnAaeX6mXM3W4/Plf:tZ6glQlCn0X6X3WoNf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
daf6d8e7728bc4fcbac00ed16aa9e1a2_JaffaCakes118

Files

daf6d8e7728bc4fcbac00ed16aa9e1a2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

728e303366dcad4a5ffbf07265fc2958

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetACP
InterlockedExchange
GetStdHandle
SetErrorMode
LoadLibraryExA
FileTimeToLocalFileTime
GetCommandLineA
VirtualProtect
CloseHandle
IsBadReadPtr
GlobalFree
GlobalDeleteAtom
Sleep
LockResource
RaiseException
GetLogicalDrives
GetLocaleInfoA
EnterCriticalSection
GlobalAddAtomA
HeapCreate

user32

ShowWindow
GetClassNameA
ValidateRect
DrawEdge
GetWindow
GetWindowTextA
GetCursorPos
ReleaseDC
FrameRect
GetParent
SetForegroundWindow
wsprintfA
GetFocus
IsIconic
EndPaint
GetActiveWindow
GetMenuItemInfoA
BeginPaint
DrawTextA

httpapi

HttpCreateHttpHandle
HttpRemoveUrl
HttpInitialize
HttpAddUrl
HttpTerminate

msutb

GetPopupTipbar

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ