e0e35b9b8e40b3532c5e2e4e3ec87173_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e0e35b9b8e40b3532c5e2e4e3ec87173_JaffaCakes118
Size

415KB
MD5

e0e35b9b8e40b3532c5e2e4e3ec87173
SHA1

633ba462cabbdc1ce80f6efee713f67a79e27b3c
SHA256

5b6c3a544108faa10fca68565fe9747d5148e3a86d855c5c9fc7d83bef2bb5cf
SHA512

64cb530f7a85ed988136751a85f7e7ca6d2d0cd60403bc1ba7fb74dd75af740e2e0324de29920305b54f7fc4feb6085018b13aded7ff5b3c9aeb26f2329f6467
SSDEEP

6144:W1ojUwD3TilJTq4y+ydvMQp7Tmd7xG8twYU42vw:WKowTWTq4yzd/tS7U8tEn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0e35b9b8e40b3532c5e2e4e3ec87173_JaffaCakes118

Files

e0e35b9b8e40b3532c5e2e4e3ec87173_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f3138b38be1bd53b33831e5855d47fd5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalDeleteAtom
RaiseException
LoadLibraryExA
GetACP
LockResource
GetLocaleInfoA
GlobalAddAtomA
InterlockedExchange
GetStdHandle
SetErrorMode
GetLogicalDrives
HeapCreate
GetSystemDirectoryA
CloseHandle
GlobalFree
GetLastError
VirtualProtect
Sleep
GetCommandLineA
EnterCriticalSection
GetFileAttributesA

user32

FrameRect
wsprintfA
DrawTextA
GetCursorPos
SetForegroundWindow
GetActiveWindow
GetMenuItemInfoA
GetClassNameA
IsIconic
GetFocus
GetParent
ValidateRect
BeginPaint
ShowWindow
DrawEdge
ReleaseDC
EndPaint
GetWindow
GetWindowTextA

httpapi

HttpCreateHttpHandle
HttpRemoveUrl
HttpAddUrl
HttpInitialize
HttpTerminate

wshtcpip

WSHNotify

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ