ff7f2226d785622b83ad4cfe9c5f8e0d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ff7f2226d785622b83ad4cfe9c5f8e0d_JaffaCakes118
Size

635KB
MD5

ff7f2226d785622b83ad4cfe9c5f8e0d
SHA1

2cbe1bdaa7a677b7d7891beb6dc3e264d003984f
SHA256

083480f350f33a4e135f1f22aec96af70eec262e5acedf3919d729a7a603df83
SHA512

2d6d9e50d97b02800e1725667d3a849d0e460a2186e7a294e4acf97056cf3828d5bc5ce3c70cb3041a9eb10cd9423d4a05c6c9713f41e3c0509efa3f47e4e62e
SSDEEP

12288:9HPiCcaFlOiplwF7MPz+3rxn6F7IH7zZIM5v8+8sA7fLYFJ6EMlVArjYr:9HbcKI2wF7ei3Nt7PNj8sA3YFsNk2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff7f2226d785622b83ad4cfe9c5f8e0d_JaffaCakes118

Files

ff7f2226d785622b83ad4cfe9c5f8e0d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

428268eb69d7819e8e7fb1a86ec1928b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
GetSystemDirectoryA
GlobalFree
SetEvent
ReleaseMutex
GetStdHandle
GetLocaleInfoA
CloseHandle
FindFirstFileA
GetLogicalDrives
VirtualProtect
EnterCriticalSection
HeapCreate
SetErrorMode
LoadLibraryExA
GetLastError
GetACP
RaiseException
Sleep
GetCommandLineA
ResetEvent

user32

IsIconic
FlashWindowEx
FrameRect
ValidateRect
GetParent
GetClassNameA
DrawTextA
EndPaint
GetActiveWindow
wsprintfA
ReleaseDC
FillRect
GetWindow
SetForegroundWindow
ShowWindow
GetWindowTextA
GetFocus
BeginPaint
GetCursorPos

httpapi

HttpCreateHttpHandle
HttpInitialize
HttpTerminate
HttpAddUrl
HttpAddFragmentToCache

winhttp

WinHttpOpen

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ