f02a5c6427949aa8b1bf04f255c6a90f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f02a5c6427949aa8b1bf04f255c6a90f_JaffaCakes118
Size

635KB
MD5

f02a5c6427949aa8b1bf04f255c6a90f
SHA1

c0a4abda75842f227928591d43c2b8b21854ba2c
SHA256

3c92de0c7acc3646ab9336d32e4c612d72f00afbf6fe989911177d7f04553057
SHA512

5f8971fb00721e727fb5c43fa5ba69f3fd373cf88b11fc046fefb6b83cec743a5410b1356f5673e82a937e09b09cd0fd3342d9f3bad869349814e4290d79cc47
SSDEEP

12288:+yxm9RgL/ze31xHMoOEK1ahFWw+dNzs6zD4ZljMa8xHOo0cnqd40kOi7PN:DYj8e7so9KKFWw+PsyBco0cn5NN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f02a5c6427949aa8b1bf04f255c6a90f_JaffaCakes118

Files

f02a5c6427949aa8b1bf04f255c6a90f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3dd70ffca736fbafd42129f48d788818

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
GlobalUnlock
Sleep
CloseHandle
FileTimeToLocalFileTime
HeapCreate
GlobalFree
GlobalAddAtomA
RaiseException
GetStdHandle
GlobalDeleteAtom
InterlockedExchange
SetErrorMode
GetLocaleInfoA
VirtualProtect
GetACP
LoadLibraryExA
SetConsoleOutputCP
GetLastError
LockResource
GetDriveTypeA

user32

ReleaseDC
DrawTextA
BeginPaint
EndPaint
IsIconic
GetFocus
SetForegroundWindow
GetParent
OemToCharW
DrawEdge
GetCursorPos
GetWindow
ShowWindow
ClipCursor
GetWindowTextA
ValidateRect
GetClassNameA
GetMenuItemInfoA
GetActiveWindow

httpapi

HttpAddUrl
HttpCreateHttpHandle
HttpInitialize
HttpRemoveUrl
HttpTerminate

msutb

GetPopupTipbar

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ