12257176910694c7d5dbc448cebc6f11_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

12257176910694c7d5dbc448cebc6f11_JaffaCakes118
Size

16KB
MD5

12257176910694c7d5dbc448cebc6f11
SHA1

b89cd482bdd63bb62df8bf47e61a829314f44d05
SHA256

abbf28f5fb7d93e6e052a54f50fcd93104293e5c32e9667f9bc1c45cc876ca95
SHA512

f8f2bcaddc353c8a70aed3b091820c5cdcb5ecfe7a3210666de0d7fb9534bbde8de9d54760364e2ab50be93099b76862df65ad1ed3a86af4a23664da3c04a37c
SSDEEP

384:GiaefyH7vUJGuei7/hYHkNtffSzpmtezX6:GQ6H78oZS/bRPeW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12257176910694c7d5dbc448cebc6f11_JaffaCakes118

Files

12257176910694c7d5dbc448cebc6f11_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a2df03e4e6602b08800d52edbb7a2899

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
GlobalAddAtomA
CloseHandle
LoadLibraryExA
GlobalFree
LockResource
GetACP
GetStdHandle
SizeofResource
RaiseException
GetLastError
VirtualProtect
WriteProfileStringA
FreeConsole
LocalFree
EnterCriticalSection
GetTimeFormatA
lstrcpyA
DeleteAtom
GlobalAddAtomA
GlobalUnlock

user32

ReleaseDC
GetDC
GetWindowTextLengthA
CloseWindow
GetClassInfoExA
GetParent
DrawEdge
GetWindowTextA
EndPaint
GetWindow
ShowWindow
BeginPaint
IsIconic
AlignRects
ValidateRect
GetActiveWindow
GetFocus
GetForegroundWindow
GetClassNameA

mprapi

MprAdminUserClose
MprAdminUserOpen
MprAdminUserWrite
MprAdminUserRead
MprAdminUserGetInfo

mapi32

MAPILogonEx

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ