19f5d43bb8f53a1776aeb87f923e0ee7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

19f5d43bb8f53a1776aeb87f923e0ee7_JaffaCakes118
Size

144KB
MD5

19f5d43bb8f53a1776aeb87f923e0ee7
SHA1

6b57d7493966de8a3e9b2227a1e4426d9ccb9119
SHA256

724820fb5db5309587ac5c53623cb8a6339a95beb191fcc5b48b36572ec5d2ef
SHA512

0ba19180a4ae6b58dcd5071768ff07d70794d7ca25fc4a46f6df7d77406383e1d675888d5b1a0171e19f976ced16cc5729bec9133ac2c4dfe8467cd3e30668c0
SSDEEP

3072:k7TdBSEQ0oulT0BO+6RnDiKi8H42tnXVha5g4i5iWpfjDQv4P5i:E79QzLw9DfDVw5gX5iWpfvQwPc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19f5d43bb8f53a1776aeb87f923e0ee7_JaffaCakes118

Files

19f5d43bb8f53a1776aeb87f923e0ee7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f846b0159f6d79c6ddd1ac29f49f6424

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetOEMCP
CloseHandle
GetModuleHandleA
CreateHardLinkA
GetUserDefaultLangID
GetStdHandle
GlobalLock
FormatMessageA
GetCommState
ExitProcess
CreateJobSet
GetVolumePathNameA
GlobalFree
EnterCriticalSection
ClearCommBreak
GetProcessHeap
GlobalFlags
FindAtomA
GetTapeStatus
GetProfileStringA

user32

GetForegroundWindow
ShowWindow
DrawEdge
BeginPaint
GetWindowTextLengthA
GetParent
RegisterClassA
GetClassInfoExA
IsIconic
GetWindow
ValidateRect
ReleaseDC
EndPaint
GetClassNameA
CloseWindow
GetDC
GetFocus
GetWindowTextA
GetActiveWindow

gdi32

GetColorSpace
GetCharWidthA
CreateDCA
CreateDIBitmap
ExtCreatePen

sxs

SxsLookupClrGuid

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 756KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ