dfa8775298dc8429c13d86b93a2e008f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dfa8775298dc8429c13d86b93a2e008f_JaffaCakes118
Size

415KB
MD5

dfa8775298dc8429c13d86b93a2e008f
SHA1

29beffec349052435028ca31c162ad9998d82b1c
SHA256

499e9aa6c7f69cba2c3f031722ed137fcd89f20570b18685d745c094e2c54014
SHA512

beec540e0639a7adca9eecca30e9d79daa297f0e7823e0e5b1f92c72e1195df23bfe7b722f619b6ae2bcb04dd841bd3847b3c5b7ad23a9a953520d69a31e1dfe
SSDEEP

12288:YZ6TIoft2yugll2jnAaeX6mXM3W4/Plf:YZ6glQlCn0X6X3WoNf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dfa8775298dc8429c13d86b93a2e008f_JaffaCakes118

Files

dfa8775298dc8429c13d86b93a2e008f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

728e303366dcad4a5ffbf07265fc2958

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetACP
InterlockedExchange
GetStdHandle
SetErrorMode
LoadLibraryExA
FileTimeToLocalFileTime
GetCommandLineA
VirtualProtect
CloseHandle
IsBadReadPtr
GlobalFree
GlobalDeleteAtom
Sleep
LockResource
RaiseException
GetLogicalDrives
GetLocaleInfoA
EnterCriticalSection
GlobalAddAtomA
HeapCreate

user32

ShowWindow
GetClassNameA
ValidateRect
DrawEdge
GetWindow
GetWindowTextA
GetCursorPos
ReleaseDC
FrameRect
GetParent
SetForegroundWindow
wsprintfA
GetFocus
IsIconic
EndPaint
GetActiveWindow
GetMenuItemInfoA
BeginPaint
DrawTextA

httpapi

HttpCreateHttpHandle
HttpRemoveUrl
HttpInitialize
HttpAddUrl
HttpTerminate

msutb

GetPopupTipbar

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ