28eb9e0093ac62868a518f83cad74999_JaffaCakes118 | Triage

Sharing

General

Target

28eb9e0093ac62868a518f83cad74999_JaffaCakes118
Size

417KB
MD5

28eb9e0093ac62868a518f83cad74999
SHA1

067cac4a199fe15eaecc61e0ab92262cab797fc8
SHA256

b98131842e4e4ed823a64c6e25a2c27a7eebed1d03e051b69e8bb362e74e9d6b
SHA512

98f95194479067577d54c5a11ebd1b66c67cb29123db64fed6a3333b23985075b4c867b60744318c97507e51a52fe50cc3682a98c985c0a5e8af3c4dc7520d9c
SSDEEP

6144:24YCqLZh14jvgvqh9Q0CUSGTEkARBNDgbq8M9Mxdb9feBc1e:sh1vqhi0Cy4kARLBak

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28eb9e0093ac62868a518f83cad74999_JaffaCakes118

Files

28eb9e0093ac62868a518f83cad74999_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c4ed4ca5c6ccc311e216d0c2de9b0884

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
RaiseException
VirtualAlloc
GetProfileStringA
EnterCriticalSection
GetStdHandle
GlobalAddAtomA
GlobalFree
GetCommState
lstrcpyn
GlobalFindAtomA
ClearCommBreak
LoadResource
LocalSize
GlobalLock
GetProcessHeap
GlobalCompact
LoadLibraryExA
ExitThread
CloseHandle
DeleteAtom

user32

GetClassNameA
GetWindow
GetForegroundWindow
CloseWindow
DrawEdge
ReleaseDC
IsIconic
GetWindowTextLengthA
EndPaint
ShowWindow
RegisterClassA
GetActiveWindow
BeginPaint
GetParent
ValidateRect
GetWindowTextA
GetDC
GetClassInfoExA
GetFocus

wsock32

WSAStartup
WSACleanup
WSAIsBlocking
WSAAsyncSelect
WSAGetLastError

duser

GetStdColorF

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ