0afbf3ba7c2a5038cacc8da80aaa59ff_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0afbf3ba7c2a5038cacc8da80aaa59ff_JaffaCakes118
Size

776KB
MD5

0afbf3ba7c2a5038cacc8da80aaa59ff
SHA1

8e3db5b4bfe5646ea719cf94102d54d8c7f05e22
SHA256

44ed59a298276501a32634a50aa70e82a36b44019884e7931627977c0ccd75cb
SHA512

1c477d831e77f97efe0b415e1a12153be4ecaccc3cbffd0f7add3a041ed2581cc2f065480b208d7973dcbd0f686ee296aaa600b48d0aca2320fc3d8fa76c0ced
SSDEEP

384:lJkaI3ssjt+Yz2CYb0GVaT0ucQ1h6et+:lJkJ8JiTRcQb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0afbf3ba7c2a5038cacc8da80aaa59ff_JaffaCakes118

Files

0afbf3ba7c2a5038cacc8da80aaa59ff_JaffaCakes118
.exe windows:4 windows x86 arch:x86

efd0f1c148adddaaf716b12cc3cad5fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
GetProfileStringA
GetCommState
GlobalFlags
GetOEMCP
FindAtomA
ClearCommBreak
GetStdHandle
ExitProcess
GetVolumePathNameA
GetUserDefaultLangID
GetProcessHeap
VirtualAlloc
GlobalFree
EnterCriticalSection
CloseHandle
GetTapeStatus
CreateHardLinkA
CreateJobSet
FormatMessageA
GetModuleHandleA

user32

RegisterClassA
GetWindowTextLengthA
DrawEdge
BeginPaint
GetActiveWindow
IsIconic
GetParent
GetWindow
CloseWindow
GetDC
GetClassInfoExA
ValidateRect
GetClassNameA
ReleaseDC
ShowWindow
EndPaint
GetForegroundWindow
GetFocus
GetWindowTextA

gdi32

GetColorSpace
CreateDIBitmap
GetCharWidthA
CreateDCA
ExtCreatePen

sxs

SxsLookupClrGuid

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 748KB - Virtual size: 748KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 40B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ