17854fbc741f9d2b2ad88214cb7cd612_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

17854fbc741f9d2b2ad88214cb7cd612_JaffaCakes118
Size

272KB
MD5

17854fbc741f9d2b2ad88214cb7cd612
SHA1

04cb7b5c6b39d55dc4b9d2a7cd4d635105ef5756
SHA256

2e31721c8688855dbdb8078ad1add23336a12ec2eeb1909f9f70a4b867506bfc
SHA512

b1767a0dc64c50ff0393545c622b69ea86496c32f7a6bed2a5a19c0aa3b987238992a2245c436f8cef4f63521e6f7dc1af375bc551f738074df788d20524536b
SSDEEP

6144:JcwuO3NYDsNAdnQWMAN6l5yjiqXRZtWpfvxs5kiha0At:Jc7O3N50BMukyHgG51At

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17854fbc741f9d2b2ad88214cb7cd612_JaffaCakes118

Files

17854fbc741f9d2b2ad88214cb7cd612_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cd560bdc0a47b15e028f884ada121410

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
CloseHandle
GlobalAddAtomA
GetStdHandle
LockResource
VirtualProtect
EnterCriticalSection
InterlockedExchange
HeapCreate
GlobalDeleteAtom
LoadLibraryExA
GetACP
GetLastError
GlobalUnlock
RaiseException
SetErrorMode
GetLocaleInfoA
GetDriveTypeA
Sleep
SetConsoleCP
FoldStringA

user32

GetCursorPos
CharToOemBuffA
DrawEdge
EndPaint
GetWindow
GetParent
GetActiveWindow
ReleaseDC
SetForegroundWindow
ClipCursor
ShowWindow
IsIconic
BeginPaint
ValidateRect
GetFocus
GetWindowTextA
GetMenuItemInfoA
DrawTextA
GetClassNameA

version

VerQueryValueA
GetFileVersionInfoA
VerFindFileA
VerInstallFileA
GetFileVersionInfoSizeA

rasadhlp

WSAttemptAutodialName

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 704KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ