41ad0e54df2967d0ccae2ce1cd3b23ba_JaffaCakes118 | Triage

Sharing

General

Target

41ad0e54df2967d0ccae2ce1cd3b23ba_JaffaCakes118
Size

447KB
MD5

41ad0e54df2967d0ccae2ce1cd3b23ba
SHA1

b3ba67af979090ec4f856f8b7065b566de6f1805
SHA256

c244f07901ca22d31792111b4bfe643fe87458e4231dcc021e7368eb56c87acd
SHA512

d0fb85ba46317eebcc48c22646f977f34e218c105188573885d1fd684f34857c3d42bcff6ecda6167767e8c6cfaa6b593be6b672228a9bd07fb9614faaaeeb5f
SSDEEP

12288:1vGKHzjSRu3rI9gdRdvLnAC97V392lP7HUeox3:1vG2XhrI+dRdkC9p3MR7e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41ad0e54df2967d0ccae2ce1cd3b23ba_JaffaCakes118

Files

41ad0e54df2967d0ccae2ce1cd3b23ba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

316cec1a5e7f864ec37ef590ca7e5913

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
Sleep
GetStdHandle
GetLocaleInfoA
VirtualProtect
RaiseException
CloseHandle
HeapCreate
GetLastError
SetConsoleOutputCP
FoldStringA
GlobalAddAtomA
GetDriveTypeA
GlobalFree
LoadLibraryExA
GlobalDeleteAtom
GlobalUnlock
SetErrorMode
InterlockedExchange
EnterCriticalSection
GetACP

user32

GetActiveWindow
GetClassNameA
GetWindow
GetCursorPos
ClipCursor
ShowWindow
GetWindowTextA
DrawTextA
GetMenuItemInfoA
DrawEdge
ValidateRect
GetFocus
SetForegroundWindow
BeginPaint
ReleaseDC
GetParent
EndPaint
IsIconic
CharToOemBuffA

version

VerInstallFileA
GetFileVersionInfoA
VerFindFileA
GetFileVersionInfoSizeA
VerQueryValueA

rasadhlp

WSAttemptAutodialName

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ