ed2784c63673f42dd3cbddd88d97b547_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ed2784c63673f42dd3cbddd88d97b547_JaffaCakes118
Size

417KB
MD5

ed2784c63673f42dd3cbddd88d97b547
SHA1

b6bcff68e5e442896f6fd5027002dd942f55b27b
SHA256

dbe7a975e8cc7f1c638a34f5d44ca28c9780e7d7b659829585a7397241e8b7c7
SHA512

6494dc2a23b8f1097cce7ebc2bb1af590e76610b13fe2093b9facda225cd80cea6097ca694ad5f98ab0d1c9406f7e390fa1c070d82f09014f1b309b869bba482
SSDEEP

6144:r4YCqLZh14jvgvqh9Q0CUSGTEkARBNDgbq8M9Mxdb9feBc1e:Xh1vqhi0Cy4kARLBak

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ed2784c63673f42dd3cbddd88d97b547_JaffaCakes118

Files

ed2784c63673f42dd3cbddd88d97b547_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bfc058d101b6384e66a62f761f10202f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
ClearCommBreak
GetOEMCP
GetProcessHeap
DeleteAtom
GetProfileStringA
LoadLibraryExA
GlobalLock
lstrcpyn
GlobalAddAtomA
CloseHandle
EnterCriticalSection
GetCommState
GlobalFindAtomA
VirtualAlloc
ExitThread
LocalSize
RaiseException
GetStdHandle
LoadResource
GlobalCompact

user32

DrawEdge
RegisterClassA
CloseWindow
GetWindowTextA
GetActiveWindow
GetForegroundWindow
GetParent
ValidateRect
GetFocus
IsIconic
GetWindow
GetDC
BeginPaint
ShowWindow
GetWindowTextLengthA
ReleaseDC
GetClassNameA
EndPaint
GetClassInfoExA

wsock32

WSAAsyncSelect
WSAStartup
WSACleanup
WSAGetLastError
WSAIsBlocking

duser

GetStdColorF

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ