0d5f3f2f0c2e3eda524ab4561b7df144_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0d5f3f2f0c2e3eda524ab4561b7df144_JaffaCakes118
Size

150KB
MD5

0d5f3f2f0c2e3eda524ab4561b7df144
SHA1

34fc46703f426066399aa7e5198e4d568461d148
SHA256

9669713900a4c994e45a80d66fcebe75e33168bb9bfa0f8309c3b9cb1905f0e0
SHA512

e79f5b9b2827d7a687c3e6ec1cadc003f65d99f0b2b0b4692f35a5636219a4638267bfa9e9cd91d0793c7adaca2dafe069b2d1838ca4286018b1867fbcc04469
SSDEEP

3072:hDE9aZv8yMQic3btpbF4HmXsP/8/vOwYluDXgLaR7:I8v5Gc3btdvw/22w6QgLal

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d5f3f2f0c2e3eda524ab4561b7df144_JaffaCakes118

Files

0d5f3f2f0c2e3eda524ab4561b7df144_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ee8bbcf7a9715c469de570a76731ac31

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
GetOEMCP
SetConsolePalette
GetStdHandle
VirtualAlloc
WriteProfileStringA
CloseHandle
RaiseException
GlobalAddAtomA
HeapCreate
LoadLibraryExA
LocalFree
DeleteAtom
GetLastError
lstrcat
EnterCriticalSection
GlobalFree
GlobalUnlock
SetCommBreak
GlobalAddAtomA
IsBadCodePtr

user32

BeginPaint
GetWindowTextLengthA
CloseWindow
EndPaint
GetFocus
GetForegroundWindow
GetWindow
DrawEdge
ShowWindow
GetDC
ReleaseDC
GetWindowTextA
ValidateRect
IsIconic
GetActiveWindow
GetClassInfoExA
AlignRects
GetParent
GetClassNameA

wsock32

WSAAsyncGetServByPort
WSACleanup
WSAStartup
WSASetBlockingHook
WSAGetLastError

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ