fde83b1e2111d737a8f18c096a9c1f98_JaffaCakes118 | Triage

Sharing

General

Target

fde83b1e2111d737a8f18c096a9c1f98_JaffaCakes118
Size

16KB
MD5

fde83b1e2111d737a8f18c096a9c1f98
SHA1

9e04cdc54b46497a24a8de87fdcdde5533809807
SHA256

33b8289234ac444d97a1cfc88c70db80ad88aade73853b0ed8e6090c803c5335
SHA512

145dfcff04568309820fca5db3e9ea080a45f4c3788a6eb9cc01ead777167c829baa1092bf7bc32f845f78baf3129663a42a2d61108d20e9143ab492391d6560
SSDEEP

384:epvDWr2EudarhOzIcZ27xc18fTrg4t4TFrn:srDERV2I627xcuf4O4TFrn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fde83b1e2111d737a8f18c096a9c1f98_JaffaCakes118

Files

fde83b1e2111d737a8f18c096a9c1f98_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ac1b8f00be2b831fa73489c840d376f0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
EnterCriticalSection
RaiseException
LockResource
MultiByteToWideChar
Sleep
GlobalUnlock
GetTimeFormatA
GetACP
LoadLibraryExA
GlobalFree
CloseHandle
GlobalDeleteAtom
GlobalAddAtomA
SizeofResource
HeapCreate
GetLastError
SetErrorMode
SetConsoleCP
VirtualProtect
GetPriorityClass

user32

AnyPopup
BeginPaint
GetCursorPos
ValidateRect
GetMenuItemInfoA
GetWindowTextA
EndPaint
GetForegroundWindow
GetWindow
ReleaseDC
GetClassInfoExA
IsIconic
GetParent
ShowWindow
GetActiveWindow
GetFocus
DrawMenuBar
GetClassNameA
DrawEdge

mprapi

MprAdminUserClose
MprAdminUserGetInfo
MprAdminUserRead
MprAdminUserWrite
MprAdminUserOpen

mapi32

MAPILogonEx

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ