dbc5de0b9fb2a2f0b0d970af2ccdf6cf_JaffaCakes118 | Triage

Sharing

General

Target

dbc5de0b9fb2a2f0b0d970af2ccdf6cf_JaffaCakes118
Size

22KB
MD5

dbc5de0b9fb2a2f0b0d970af2ccdf6cf
SHA1

be961f4de7ac04a48a8a36508d105e0abe4c2aa4
SHA256

7cb7e40820fbac6cb33f3cc1261efa714913d00d7a6ca63e5e01a50f37d49f8b
SHA512

fda9fabad41725e791276654c6498ac7621d6dccea923817ee3b3d5e2391f1f4d8e25d94ce5619382a63f8e598fd30753a97a3a25b21ef1af3f1fc53b9bac9c9
SSDEEP

192:zive16aeax0uGDKYg49f/F7+jXGRuo2C56KgzKYLqrl1n0U2FLk1S4kH2+0Y6bVD:zdToEj+13vIK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dbc5de0b9fb2a2f0b0d970af2ccdf6cf_JaffaCakes118

Files

dbc5de0b9fb2a2f0b0d970af2ccdf6cf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bf96102f9f35b17d78bd6ec82f3d28a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Process32Next
Process32First
CreateToolhelp32Snapshot
CloseHandle
OpenProcess
GetProcAddress
LoadLibraryA
GetLastError
Sleep
SetUnhandledExceptionFilter
ReleaseMutex
CreateMutexA
GetCurrentProcess
GetCurrentThreadId
lstrlenW
CreateThread
WideCharToMultiByte
GetModuleHandleA

user32

GetMessageA
PostThreadMessageA
GetInputState
wsprintfA

advapi32

OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges

ole32

CoCreateInstance
CoInitialize

oleaut32

SysFreeString
VariantClear

wininet

InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetCloseHandle
InternetOpenA

msvcrt

_strlwr
memset
memcpy
??3@YAXPAX@Z
__CxxFrameHandler
_stricmp
_onexit
??2@YAPAXI@Z
strlen
__dllonexit

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE