21c6954280177d12aafd893cfeadc5cb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

21c6954280177d12aafd893cfeadc5cb_JaffaCakes118
Size

313KB
MD5

21c6954280177d12aafd893cfeadc5cb
SHA1

01db517b361d11435f4b29971450f90448b83647
SHA256

b17bcabdacb1f0fe36cceb546a41faa02a136474aa7642bd9d3b8a1e898731de
SHA512

3ef71cf80a7b1bb0f9343ffa0fcc97af28f2a72fc504faa8405bc0d994dce31d20bf8d07e9d8910f2f9107089718b0b04a9d1e4f69eb60500de88ee7f8f7147b
SSDEEP

6144:Q5K14o/r+O7+1RKXrHJk5UXkalaqq8+8gXmgGVyuD1G0IUJmqHafm:MK/S/2XrHJmR8NgGouRNBsqHem

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21c6954280177d12aafd893cfeadc5cb_JaffaCakes118

Files

21c6954280177d12aafd893cfeadc5cb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b2c598541d8713b7d5a89c946b73289d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
CreateHardLinkA
FormatMessageA
GetProfileStringA
GetModuleHandleA
CloseHandle
GetUserDefaultLangID
ClearCommBreak
GetTapeStatus
VirtualAlloc
ExitProcess
GetOEMCP
CreateJobSet
GlobalFlags
GetCommState
GlobalLock
GlobalCompact
GetStdHandle
GlobalFree
EnterCriticalSection
FindAtomA

user32

EndPaint
GetWindowTextLengthA
GetActiveWindow
CloseWindow
ValidateRect
BeginPaint
RegisterClassA
GetClassInfoExA
IsIconic
GetFocus
ShowWindow
GetWindowTextA
ReleaseDC
DrawEdge
GetDC
GetParent
GetClassNameA
GetForegroundWindow
GetWindow

wsock32

WSAStartup
WSAGetLastError
WSAAsyncSelect
WSAIsBlocking
WSACleanup

dot3api

Dot3SetProfile

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ