fe6405d9a39beefff073b97b25128fd8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fe6405d9a39beefff073b97b25128fd8_JaffaCakes118
Size

311KB
MD5

fe6405d9a39beefff073b97b25128fd8
SHA1

17899fb0e9f167053c867e9a4c480674134bc4c1
SHA256

287a70c53794898da957ae24c6eb4b815440da500a248d448f59761138824dee
SHA512

4aa3d6cff15bcc40af45542ea49ba35e93ce3c292aeda610834988cd0ab56cd1ae5c12291e44f9c23cffa4beba2bb499378ecfc64e0c4ac7a8a7722f3c86ea78
SSDEEP

6144:U4AvzjbbHLCL7pBLfCartChwkmBjH+7hvwTR3Z+3VW6qkFtnJr7JOU9r:U4ajbbqJCarAVmBQhId3GVTFxZVT9r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe6405d9a39beefff073b97b25128fd8_JaffaCakes118

Files

fe6405d9a39beefff073b97b25128fd8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

369559ff2502db69a4ac256ea91d0fed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
GlobalAddAtomA
Sleep
CloseHandle
GetDriveTypeA
GlobalDeleteAtom
GetStdHandle
LoadLibraryExA
RaiseException
EnterCriticalSection
GetACP
FileTimeToLocalFileTime
GlobalUnlock
HeapCreate
VirtualProtect
SetConsoleOutputCP
LockResource
InterlockedExchange
SetErrorMode
GetLastError
GlobalFree

user32

GetWindow
GetActiveWindow
DrawEdge
DrawTextA
ClipCursor
ShowWindow
GetFocus
BeginPaint
ValidateRect
GetMenuItemInfoA
GetWindowTextA
ReleaseDC
OemToCharA
GetCursorPos
GetClassNameA
IsIconic
EndPaint
SetForegroundWindow
GetParent

ntdsapi

DsCrackNamesA
DsBindA
DsGetSpnA
DsIsMangledDnA
DsFreeNameResultA

netapi32

DsRoleCancel

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ