4693b5e47c795904f5a0757cc1f3b43b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4693b5e47c795904f5a0757cc1f3b43b_JaffaCakes118
Size

735KB
MD5

4693b5e47c795904f5a0757cc1f3b43b
SHA1

6e7266c3f4920aa37f998ddbbc71ebfb81a8bb9e
SHA256

770bcf5735ef314b2290a4ffa1ccfbb81b13b479f51e3c6247f9a367d6f00311
SHA512

c5b44fdaf24336da7d640ce94c5d9d1dd510c5812deda8f49e0f4a1ed03cccd5326efa978713e22b2b5e7f971320454a6589c0afcc36cee9eaa920a4408221f6
SSDEEP

12288:Z0yG5SzNmJCSiM/UeX1jGlr7NuX3uk7Xutla789hBAgmeL0XeVe1hsJx4CFF:ZsI2CZGGR7NuHb7Xwlq2hSyoAUWx4CFF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/firefox.exe

Files

4693b5e47c795904f5a0757cc1f3b43b_JaffaCakes118
.rar
firefox.exe
.exe windows:4 windows x86 arch:x86

4d7a86155ba8f1e80d071d640f8323ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
GetLastError
GetMailslotInfo
GetModuleHandleA
LoadLibraryW
SetEvent
ExitProcess
lstrlenA
TlsFree
InterlockedExchange
CloseHandle
VirtualProtect
CreateMutexA
GetOEMCP
GetTickCount
GetSystemTime
FindResourceExA
DeleteAtom
GlobalFree
PulseEvent
GlobalFlags

user32

DestroyMenu
PostQuitMessage
SetPropA
EnableScrollBar
InflateRect
DialogBoxParamA
GetScrollRange
GetMenu
MessageBoxA
DispatchMessageA
PrintWindow
PostMessageA
GetKeyboardLayout
GetParent
TranslateMessage
GetMenuStringA
GetTitleBarInfo
UpdateWindow
SetWindowPos
EqualRect
GetDlgItem
LoadIconA
ModifyMenuA
ShowWindow
GetWindowLongA
DrawFrame
GetSubMenu
InsertMenuA
ScrollDC

msacm32

acmStreamClose
acmDriverClose
acmMetrics
acmDriverAddA
acmDriverID

shell32

ShellMessageBoxA

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ