e21e405f2da799fe7a5be43eada6a3c1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e21e405f2da799fe7a5be43eada6a3c1_JaffaCakes118
Size

241KB
MD5

e21e405f2da799fe7a5be43eada6a3c1
SHA1

57eae214f0960a3722bf7ab8e239ff537f3eb328
SHA256

966b0381aa1b8b08b2c0d50a8d95df78733ef6708bfe69b8e82325ee32a04a14
SHA512

27964256603adb58cc4fb8539b3fb3a1db3fab9732cc31137ab798c2dd4878bfe7edf69118b2d6a8c70b81905d5f3cfffb9306bcffc0fc7e8ca46e1b4ca1ede6
SSDEEP

6144:7M4Jg5oOGNYjTReDWJ3+JVtztzJL8/3sithMgdHuvDGy7AD:7Lb6eDWJ3+JztzhYthTd2GVD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e21e405f2da799fe7a5be43eada6a3c1_JaffaCakes118

Files

e21e405f2da799fe7a5be43eada6a3c1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c52db7360c5e25e8733bd60df77ca0a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAddAtomA
HeapCreate
InterlockedExchange
FoldStringA
GetStdHandle
GetDriveTypeA
GetLocaleInfoA
GetLastError
LoadLibraryExA
CloseHandle
Sleep
GlobalFree
LockResource
RaiseException
GlobalUnlock
VirtualProtect
SetErrorMode
GetACP
GlobalDeleteAtom
EnterCriticalSection
SetConsoleCP

user32

ShowWindow
GetParent
GetFocus
GetCursorPos
SetForegroundWindow
GetActiveWindow
GetClassNameA
BeginPaint
EndPaint
CharToOemA
GetMenuItemInfoA
ClipCursor
DrawEdge
IsIconic
ValidateRect
GetWindow
ReleaseDC
DrawTextA
GetWindowTextA

version

VerLanguageNameA
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerFindFileA
VerQueryValueA

rasadhlp

WSAttemptAutodialName

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ