1581d4727f7f09817e4ad24116e471a0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1581d4727f7f09817e4ad24116e471a0_JaffaCakes118
Size

422KB
MD5

1581d4727f7f09817e4ad24116e471a0
SHA1

6eab561a61428f632ca1df29d5dbde727177bf19
SHA256

2942adec935dd92f0af0564beaba1dea81f2ee9105e738ff1b4ae047c0b518da
SHA512

d4f34c130ee40bf18cd23734df3b408309aa7d127ff110c876ee1c03ab8284f7414d29de650e9c81f7abeb98d6e7f4b11fe375395f8cc90ecb26b930ba6286a1
SSDEEP

6144:rvzin7XJXsPpmvUEgYZX3MBP4Q6LJycccrp0GiLBiGpsNZoN:zO7XJX+4DgYBu4NtyccEfcowsNZO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1581d4727f7f09817e4ad24116e471a0_JaffaCakes118

Files

1581d4727f7f09817e4ad24116e471a0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2477cf980e15042a4f5ee429c1487f68

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
ExitThread
LoadLibraryExA
EnterCriticalSection
GetOEMCP
lstrcat
SetCommBreak
GlobalUnlock
CloseHandle
GetProcessHeap
DeleteAtom
GetProfileStringA
SetConsolePalette
GlobalFindAtomA
LoadResource
GlobalFree
GlobalAddAtomA
RaiseException
GlobalLock
GetStdHandle
LocalSize

user32

GetWindowTextLengthA
ShowWindow
GetParent
ValidateRect
GetFocus
EndPaint
GetWindow
ReleaseDC
GetClassNameA
GetActiveWindow
GetForegroundWindow
GetWindowTextA
DrawEdge
IsIconic
CloseWindow
GetClassInfoExA
GetDC
BeginPaint
AlignRects

wsock32

WSAGetLastError
WSASetBlockingHook
WSAStartup
WSACleanup
WSAAsyncGetServByPort

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ