095650a80d5029ac6db5a129e27de6f6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

095650a80d5029ac6db5a129e27de6f6_JaffaCakes118
Size

241KB
MD5

095650a80d5029ac6db5a129e27de6f6
SHA1

a02fc92150774ecb3370e529f395d896289ea3fb
SHA256

d1317d82328f28759155c80250324740349f426c6839cdaf7862ecd15d340abb
SHA512

e73b62d0e4934c7e50bcf31e1378be1b5ea9d752b942801e226db2702d29cc06670ad4312a367708c4313e9b3f3112d94eef68ed91d01c05a6b057c076df28c8
SSDEEP

6144:MMG5fueYMKcL9Lna51smcQzPcDQyT04DsGGPkA:MXfuJaa5ztcvTi7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
095650a80d5029ac6db5a129e27de6f6_JaffaCakes118

Files

095650a80d5029ac6db5a129e27de6f6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2abaa44545812b3d2875c569713294d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsolePalette
GetOEMCP
LoadLibraryExA
GetProfileStringA
GlobalLock
CloseHandle
HeapCreate
LocalFree
GlobalUnlock
GlobalFree
GlobalAddAtomA
LoadResource
SetCommBreak
GetProcessHeap
lstrcat
EnterCriticalSection
GlobalFindAtomA
DeleteAtom
GetStdHandle
VirtualAlloc
RaiseException

user32

BeginPaint
GetWindowTextLengthA
AlignRects
GetFocus
CloseWindow
IsIconic
GetClassInfoExA
GetDC
ShowWindow
GetActiveWindow
GetWindow
GetWindowTextA
GetClassNameA
DrawEdge
ValidateRect
GetParent
ReleaseDC
EndPaint
GetForegroundWindow

wsock32

WSACleanup
WSAAsyncGetServByPort
WSAStartup
WSAGetLastError
WSASetBlockingHook

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ