21fb58ec76cff00a137757f97df1c65b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

21fb58ec76cff00a137757f97df1c65b_JaffaCakes118
Size

271KB
MD5

21fb58ec76cff00a137757f97df1c65b
SHA1

0a987cc5814725f35fe13d1f26cc34c1ee6e6dcb
SHA256

5b56cb192ab3ae709f5b328a708327f1d740988addcb9b12d3229f773cb69309
SHA512

c5584aa8ad75e5554a0bbc95188b89b5272a316ebfb5f5b374baf8823bcbc708220ce2a20a9fba1a102f84410c50e2762553a586ba6ad2cdc394fe4c3155beaa
SSDEEP

3072:XbKVPnw7bu+0SR3RMuknx+pGLq7SfUKdupwVUau1ZtHvmOe9:+dn+u40t+Gdu6VUppuO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21fb58ec76cff00a137757f97df1c65b_JaffaCakes118

Files

21fb58ec76cff00a137757f97df1c65b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

524869f6ad79f4a94f2d88b0177a60e4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateJobSet
GetCommState
GetProcessHeap
GetModuleHandleA
GetVolumePathNamesForVolumeNameA
GlobalFree
GetTapeStatus
GetUserDefaultLangID
GlobalLock
ClearCommBreak
GetOEMCP
FormatMessageA
GetProfileStringA
GlobalFlags
CreateHardLinkA
EnterCriticalSection
FindAtomA
VirtualAlloc
ExitProcess
GetStdHandle

user32

ShowWindow
GetDC
ReleaseDC
GetActiveWindow
GetFocus
BeginPaint
EndPaint
GetWindowTextA
CloseWindow
GetWindow
DrawEdge
GetParent
GetWindowTextLengthA
GetClassInfoExA
IsIconic
ValidateRect
RegisterClassA
GetForegroundWindow
GetClassNameA

wsock32

WSAGetLastError
WSAAsyncSelect
WSAIsBlocking
WSAStartup
WSACleanup

lpk

LpkInitialize

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ