262544c3b66b33989acdf99ea2c73aac_JaffaCakes118 | Triage

Sharing

General

Target

262544c3b66b33989acdf99ea2c73aac_JaffaCakes118
Size

97KB
MD5

262544c3b66b33989acdf99ea2c73aac
SHA1

d2461b70249b2e40e39b128a61b8155ce4911285
SHA256

6058f89a155e1e2a712ca6452aa94931d9115744929d17ca8b3a5b6d42755ab4
SHA512

45379539518a51b4f9ad57ac37e6d59009f3b52a954c0d287c96d013f25ac3711da2f2f8b2059d635e186b1e03d497c130757b3117d2425d150753a9d45ba233
SSDEEP

1536:FmI7TGV35SvcD8AfogI2k5YiRLkjBcjNeJDS48lZJCKx4Z9BW/:FiGiI28/RLk9c8XJ9BW/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
262544c3b66b33989acdf99ea2c73aac_JaffaCakes118

Files

262544c3b66b33989acdf99ea2c73aac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

833d0c5025f45a341a0ad2551ff96984

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateHardLinkA
VirtualAlloc
GetCommState
GlobalFree
ExitProcess
FormatMessageA
GetOEMCP
CloseHandle
ClearCommBreak
FindAtomA
GetModuleHandleA
GetUserDefaultLangID
GlobalCompact
GetStdHandle
GetProfileStringA
GetTapeStatus
GlobalFlags
GlobalLock
GetProcessHeap
CreateJobSet
EnterCriticalSection

user32

GetParent
ReleaseDC
GetDC
GetWindowTextLengthA
ShowWindow
BeginPaint
GetFocus
IsIconic
CloseWindow
DrawEdge
GetWindow
EndPaint
RegisterClassA
GetWindowTextA
ValidateRect
GetClassInfoExA
GetClassNameA
GetForegroundWindow
GetActiveWindow

wsock32

WSAAsyncSelect
WSACleanup
WSAIsBlocking
WSAGetLastError
WSAStartup

dot3api

Dot3SetProfile

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ