3064cc00624adbae1817f55549f94566_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3064cc00624adbae1817f55549f94566_JaffaCakes118
Size

219KB
MD5

3064cc00624adbae1817f55549f94566
SHA1

972b579d6426a2a754940abb7e93aed98db7a9b1
SHA256

c8f397a7520dad5923b16cf7725ec4698b571027761c3d41230b2f86e185cf0d
SHA512

5a756129291c602719c9bdc610728f9462e3867836bdd9932eb23cd12e9d896e652eb8fe88cbe1465d915f13ac24166fbb575fbd560c80aed64855a82d52f46e
SSDEEP

6144:mhkAfsa2hVMlYrbbA7NvnNFh5LfW31rnDw:+kAfl2hVMlC3SnHilH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3064cc00624adbae1817f55549f94566_JaffaCakes118

Files

3064cc00624adbae1817f55549f94566_JaffaCakes118
.exe windows:4 windows x86 arch:x86

18acba81b207b4a3bae3d108347445b1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalCompact
DeleteAtom
GetProfileStringA
VirtualAlloc
GetTapeStatus
GetCommState
LoadLibraryExA
ClearCommBreak
RaiseException
GetOEMCP
FindAtomA
ExitThread
GlobalFree
GetProcessHeap
EnterCriticalSection
GlobalFlags
GlobalLock
GetStdHandle
CreateHardLinkA
WriteProcessMemory
CloseHandle

user32

ValidateRect
GetClassNameA
BeginPaint
GetDC
CloseWindow
GetParent
GetActiveWindow
RegisterClassA
GetWindow
EndPaint
ReleaseDC
ShowWindow
GetForegroundWindow
DrawEdge
GetClassInfoExA
IsIconic
GetFocus
GetWindowTextA
GetWindowTextLengthA

wsock32

WSACleanup
WSAGetLastError
WSAAsyncSelect
WSAIsBlocking
WSAStartup

dot3api

Dot3SetProfile

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ