22cb0d9c08f062da3d1ef147e6d7e40c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

22cb0d9c08f062da3d1ef147e6d7e40c_JaffaCakes118
Size

417KB
MD5

22cb0d9c08f062da3d1ef147e6d7e40c
SHA1

b588de75a106066f67d410e5634b9c2917a23332
SHA256

5bb997fb0de80f71dca76baea9ed270d3c6d8bc258c01c1a925322d24b17d0b1
SHA512

3bed34bc05b5d590a52218be350f626c9addfeb44bb0895b51afcb520aea69e5dbe70e10ac823ee5de605b960d13caf8bcafa4e96b706aba50fd80d20db6e197
SSDEEP

6144:4oz+4YCqLZh14jvgvqh9Q0CUSGTEkARBNDgbq8M9Mxdb9feBc1e:DYh1vqhi0Cy4kARLBak

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22cb0d9c08f062da3d1ef147e6d7e40c_JaffaCakes118

Files

22cb0d9c08f062da3d1ef147e6d7e40c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a015783040993250b68c0baab9f599a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
GlobalAddAtomA
LoadResource
GlobalFree
LocalSize
lstrcpyn
GlobalFindAtomA
GlobalCompact
LoadLibraryExA
DeleteAtom
GetStdHandle
GetCommState
GlobalLock
ExitThread
GetProfileStringA
GetProcessHeap
CloseHandle
EnterCriticalSection
GetOEMCP
ClearCommBreak
VirtualAlloc

user32

GetWindowTextA
CloseWindow
GetClassInfoExA
GetWindow
GetActiveWindow
GetWindowTextLengthA
ReleaseDC
IsIconic
BeginPaint
GetParent
ValidateRect
RegisterClassA
GetFocus
EndPaint
GetForegroundWindow
ShowWindow
GetDC
GetClassNameA
DrawEdge

wsock32

WSAAsyncSelect
WSAGetLastError
WSAIsBlocking
WSAStartup
WSACleanup

duser

GetStdColorF

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ