e9fff40e82a32a34cd114d4847bd8293_JaffaCakes118 | Triage

Sharing

General

Target

e9fff40e82a32a34cd114d4847bd8293_JaffaCakes118
Size

635KB
MD5

e9fff40e82a32a34cd114d4847bd8293
SHA1

f276253fec2a35990a0f4c58455598003c5e0b0b
SHA256

1cb8b17ddcbcc24f222422476ab2416f6b7426257b1397b2642f2941b52a2536
SHA512

9727be21f954be3b36fd0de4d6356f7e65a03c5d0ca9fea21487ac923415693c8aaf85d5df0719b8edbfa58aa7d116ef4df5661d87ba9a42f0f5c3b9a4804f5d
SSDEEP

12288:GXyZ9OB1+rvybfo7LMarxx0mMlUBd8T6+o/jxUSGh/DzZc:Gmqvfygc8uBE6+OjaQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e9fff40e82a32a34cd114d4847bd8293_JaffaCakes118

Files

e9fff40e82a32a34cd114d4847bd8293_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0d9abac59e0a9b6ddbdaac974aa93f8e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
GetSystemDirectoryA
EnterCriticalSection
GetCommandLineA
GetLogicalDrives
GlobalAddAtomA
GetLocaleInfoA
VirtualProtect
GetStdHandle
CloseHandle
LockResource
GlobalFree
InterlockedExchange
GetLastError
HeapCreate
Sleep
LoadLibraryExA
RaiseException
GetFileAttributesExA
SetErrorMode
GlobalAddAtomA

user32

FrameRect
ReleaseDC
EndPaint
FillRect
ValidateRect
GetWindowTextA
GetActiveWindow
GetCursorPos
BeginPaint
GetWindow
GetFocus
GetClassNameA
IsIconic
ShowWindow
SetForegroundWindow
DrawTextA
wsprintfA
GetParent
FlashWindowEx

httpapi

HttpCreateHttpHandle
HttpInitialize
HttpAddFragmentToCache
HttpAddUrl
HttpTerminate

winhttp

WinHttpOpen

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ