193c43df5e9efe4242c8e606c917d30b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

193c43df5e9efe4242c8e606c917d30b_JaffaCakes118
Size

313KB
MD5

193c43df5e9efe4242c8e606c917d30b
SHA1

d8bda33be87255e2158176a0be69a5644912eb49
SHA256

cf5443707b42d650e65142be4cd21d82e5484954822297c82e010f9887b182e8
SHA512

bcb418c2284a63e3a5ac8f0d70d31eeb3d2cfd65f2b8bc5ac460f7d50909a6b700d880719f99ec02a0417f20bfb05419fa56b4d406f03c178bd5cc91205b284c
SSDEEP

6144:sVPH/wwALEUzYa1Qvq9bQDbafszUuXjncFTB91arSFGciNoixv4UOEs:sVP/wP44KyxQbaUzUuXUfgrpciNoixvy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
193c43df5e9efe4242c8e606c917d30b_JaffaCakes118

Files

193c43df5e9efe4242c8e606c917d30b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ba5cea20253132f0576e5f836945785f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteProcessMemory
GlobalFree
GetTapeStatus
GetCommState
ExitThread
GlobalCompact
VirtualAlloc
GlobalFlags
GetProfileStringA
GetOEMCP
DeleteAtom
FindAtomA
GetStdHandle
GetProcessHeap
RaiseException
EnterCriticalSection
CreateHardLinkA
LoadLibraryExA
CloseHandle
ClearCommBreak
GlobalLock

user32

GetWindowTextA
ShowWindow
GetForegroundWindow
GetFocus
GetClassInfoExA
DrawEdge
RegisterClassA
IsIconic
ValidateRect
GetActiveWindow
CloseWindow
GetDC
BeginPaint
EndPaint
GetClassNameA
GetWindowTextLengthA
ReleaseDC
GetWindow
GetParent

wsock32

WSAGetLastError
WSAAsyncSelect
WSAStartup
WSACleanup
WSAIsBlocking

dot3api

Dot3SetProfile

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ