337df6a781efb230e58ca29f16140bed_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

337df6a781efb230e58ca29f16140bed_JaffaCakes118
Size

417KB
MD5

337df6a781efb230e58ca29f16140bed
SHA1

b9929ce1bf8aa7f87ab067217bf9983673696d64
SHA256

3d7ebb212ecc78681ed56be945063cabaa6b1c264572a4b187b658f29bfefb8b
SHA512

69ad25193ec4c2d8794a77ae6fa8225ab1f861cfa547498ed6b9b1ffdd9bdcfd08eed25a0b0bea7527b590c17cf9126ca79acdd4aa774273b268ef55a1ff8a68
SSDEEP

6144:c4f5pjA6EstDkoCDuG6K4nY+zIZJz5GyCY6ootoA4t/T4RgU:hA6ESDkoUuBfqR50YPot3e/Tg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
337df6a781efb230e58ca29f16140bed_JaffaCakes118

Files

337df6a781efb230e58ca29f16140bed_JaffaCakes118
.exe windows:4 windows x86 arch:x86

89f2c1049b890f4620a64c15f902c905

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFindAtomA
CloseHandle
VirtualAlloc
EnterCriticalSection
lstrcpyn
LocalSize
GetOEMCP
GlobalCompact
GetProfileStringA
GetProcessHeap
GlobalLock
GlobalAddAtomA
GetCommState
DeleteAtom
RaiseException
GlobalFree
LoadResource
ExitThread
SetCommBreak
LoadLibraryExA
GetStdHandle

user32

GetWindow
IsIconic
ReleaseDC
GetClassNameA
GetParent
AlignRects
ValidateRect
GetFocus
GetWindowTextLengthA
BeginPaint
EndPaint
GetWindowTextA
GetClassInfoExA
DrawEdge
GetForegroundWindow
ShowWindow
CloseWindow
GetDC
GetActiveWindow

wsock32

WSAGetLastError
WSASetBlockingHook
WSAStartup
WSACleanup
WSAAsyncGetServByPort

duser

AutoTrace

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ