dbcc7f5c6510b7b39d6cf314af685ea4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dbcc7f5c6510b7b39d6cf314af685ea4_JaffaCakes118
Size

415KB
MD5

dbcc7f5c6510b7b39d6cf314af685ea4
SHA1

f73af5901651c76b37aa2120c745b7356207ddbf
SHA256

ec0c0d3ee674d07a512bed4fef45d5ae35515960bc35e4e7a8edb84749a2b673
SHA512

8c9dd7608b81278f1596a9c044c77a24341341de9d1f3d2670516c301a8c1ad80cba66f9c390fc46433d0bc807f23bfe6bfbcc49beb5b309cd901f5c22865532
SSDEEP

6144:S6b2I7dBJY+l8EAnddMJfnDnDYiktjAg2SDj2uqLUITtjtz:S6qIprYLsr0iktjrpDSFJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dbcc7f5c6510b7b39d6cf314af685ea4_JaffaCakes118

Files

dbcc7f5c6510b7b39d6cf314af685ea4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

333d9850b2ab74f04a8258680513b1f7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
InterlockedExchange
GetStdHandle
LoadLibraryExA
GetLastError
GlobalAddAtomA
GlobalAddAtomA
GlobalFree
GetSystemDirectoryA
EnterCriticalSection
Sleep
GetACP
GetCommandLineA
RaiseException
GetFileAttributesExA
VirtualProtect
CloseHandle
SetErrorMode
GetLogicalDrives
LockResource
HeapCreate

user32

ValidateRect
SetForegroundWindow
ReleaseDC
DrawTextA
BeginPaint
ShowWindow
wsprintfA
GetFocus
GetWindowTextA
FlashWindowEx
FillRect
IsIconic
GetParent
GetWindow
FrameRect
GetActiveWindow
EndPaint
GetCursorPos
GetClassNameA

httpapi

HttpAddUrl
HttpInitialize
HttpCreateHttpHandle
HttpTerminate
HttpAddFragmentToCache

winhttp

WinHttpOpen

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ