33a9a7791dc9f4799c336bcc8e5307a0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

33a9a7791dc9f4799c336bcc8e5307a0_JaffaCakes118
Size

148KB
MD5

33a9a7791dc9f4799c336bcc8e5307a0
SHA1

c04a02b7fca164d057f6227e2a1a06240eeb33e6
SHA256

deeda946352dd804ebe9b71d415b3afac2ceecda409147defc48adf665e20219
SHA512

128f6f94c9a1a4bd4ddd9bd32c4f3b9fcad461e8e52559419116e027035c6fa5ddce59306707aa6847b747404e3c6bd24c10eafada9861c9dc4db6ba6507939f
SSDEEP

3072:+R3bj7HZcXeKUCyRjqJWt+KWTuP8iJpSTlZ60agddyJZH4scIAz:yHDZcuXZjqteU4puZ60eJN1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33a9a7791dc9f4799c336bcc8e5307a0_JaffaCakes118

Files

33a9a7791dc9f4799c336bcc8e5307a0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

903133c88022d5c59c29a0a561a1bec1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
SetCommBreak
LoadLibraryExA
LoadResource
GlobalFree
GetOEMCP
GetLocalTime
LocalSize
GlobalFindAtomA
GetStdHandle
ExitThread
RaiseException
SetConsolePalette
VirtualAlloc
DeleteAtom
GetProcessHeap
GlobalAddAtomA
CloseHandle
EnterCriticalSection
GetProfileStringA
lstrcpyn

user32

GetWindowTextLengthA
GetDC
GetActiveWindow
CloseWindow
ReleaseDC
BeginPaint
DrawEdge
GetClassNameA
GetWindowTextA
IsIconic
GetFocus
GetForegroundWindow
ShowWindow
ValidateRect
GetWindow
EndPaint
AlignRects
GetClassInfoExA
GetParent

wsock32

WSAStartup
WSAGetLastError
WSASetBlockingHook
WSAAsyncGetServByPort
WSACleanup

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ