f74da4cb58be5d38de0d5da1286d336d_JaffaCakes118 | Triage

Sharing

General

Target

f74da4cb58be5d38de0d5da1286d336d_JaffaCakes118
Size

313KB
MD5

f74da4cb58be5d38de0d5da1286d336d
SHA1

ad66a2c16165182a1efe56f712419195ff073512
SHA256

e72b0c789aae217b0bbc575361c3ce1bb7ecda572e8fc023825d86020040e2dc
SHA512

1fd91d888528eee1a44ebb2add18530859928ac3b3c25d9d072c5ca6a36e30ce555a691902b6161f17db1a29aeea210e6f96ccb9caca1fd7b2a836c71c0342f2
SSDEEP

6144:tz5K14o/r+O7+1RKXrHJk5UXkalaqq8+8gXmgGVyuD1G0IUJmqHafm:TK/S/2XrHJmR8NgGouRNBsqHem

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f74da4cb58be5d38de0d5da1286d336d_JaffaCakes118

Files

f74da4cb58be5d38de0d5da1286d336d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

71057cbd24ad5598703e0c8e9af19eee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
GetCommState
GlobalFree
CloseHandle
ClearCommBreak
GlobalCompact
EnterCriticalSection
ExitThread
VirtualAlloc
GlobalLock
GetStdHandle
DeleteAtom
GlobalFlags
GetProcessHeap
LoadLibraryExA
GetProfileStringA
ReadProcessMemory
FindAtomA
FormatMessageA
GetTapeStatus
CreateHardLinkA

user32

ValidateRect
GetDC
GetActiveWindow
GetForegroundWindow
GetFocus
ReleaseDC
GetWindowTextA
CloseWindow
DrawEdge
RegisterClassA
EndPaint
ShowWindow
IsIconic
GetClassNameA
GetParent
GetWindowTextLengthA
GetClassInfoExA
BeginPaint
GetWindow

wsock32

WSAAsyncSelect
WSAGetLastError
WSACleanup
WSAIsBlocking
WSAStartup

dot3api

Dot3SetProfile

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ