1bca4f7b10b903bae3b92ee53eb7d122_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1bca4f7b10b903bae3b92ee53eb7d122_JaffaCakes118
Size

314KB
MD5

1bca4f7b10b903bae3b92ee53eb7d122
SHA1

63e87880e7fdb7d71f69afa79dbaf2d72ac99cb8
SHA256

cf1d9ddab906413c04a1d76359ae7235c9101491da96ec15c4a536d2bc37debf
SHA512

515185422d4b69361e134a977a089bb8af82a038e4193f4fbd5dd80ad975b8c68ed44e016d0cca8743081f3adf011e448e61bcd8668544375b8375e9dfe172d9
SSDEEP

6144:T4f5pjA6EstDkoCDuG6K4nY+zIZJz5GyCY6ootoA4t/T4RgU0:WA6ESDkoUuBfqR50YPot3e/Tg6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1bca4f7b10b903bae3b92ee53eb7d122_JaffaCakes118

Files

1bca4f7b10b903bae3b92ee53eb7d122_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cba04c39f7320358cf0a8093e4cdfd8c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyn
GetOEMCP
CloseHandle
DeleteAtom
EnterCriticalSection
GetCommState
GlobalCompact
VirtualAlloc
GlobalLock
LocalSize
LoadLibraryExA
RaiseException
ExitThread
LoadResource
GetStdHandle
GlobalFree
GetProfileStringA
GlobalFindAtomA
GetProcessHeap
GlobalAddAtomA
SetCommBreak

user32

ValidateRect
GetWindowTextA
GetActiveWindow
GetWindow
GetForegroundWindow
GetFocus
AlignRects
EndPaint
ShowWindow
GetClassInfoExA
ReleaseDC
BeginPaint
DrawEdge
GetParent
GetDC
GetClassNameA
GetWindowTextLengthA
IsIconic
CloseWindow

wsock32

WSAStartup
WSACleanup
WSASetBlockingHook
WSAGetLastError
WSAAsyncGetServByPort

duser

AutoTrace

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ