342557a5c691c967a475168221d3b1dd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

342557a5c691c967a475168221d3b1dd_JaffaCakes118
Size

417KB
MD5

342557a5c691c967a475168221d3b1dd
SHA1

6a9da56bacb24c9afca3ba749915a2ed0babc4f7
SHA256

80137403540313d7316970aacb2c146431c09bdc94a5f6644fe0dc6b40be82f3
SHA512

612a524857671cc7613a639c940bc2861e4dec94080187c32e6f0db7d58c2000b19c3927140bef3d53e0ef20a5ea5f33c7b00b66eba60392671607c96d66e4b4
SSDEEP

6144:x4f5pjA6EstDkoCDuG6K4nY+zIZJz5GyCY6ootoA4t/T4RgU:8A6ESDkoUuBfqR50YPot3e/Tg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
342557a5c691c967a475168221d3b1dd_JaffaCakes118

Files

342557a5c691c967a475168221d3b1dd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6b8bbbecdbe047397b79803496d1100e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommState
CloseHandle
ExitThread
GlobalFindAtomA
SetCommBreak
GetProcessHeap
LoadLibraryExA
lstrcpyn
GlobalAddAtomA
DeleteAtom
GetProfileStringA
RaiseException
GlobalCompact
GetOEMCP
EnterCriticalSection
VirtualAlloc
GlobalFree
LoadResource
GetStdHandle
GlobalLock
LocalSize

user32

ReleaseDC
GetActiveWindow
GetFocus
GetClassNameA
ValidateRect
GetDC
ShowWindow
DrawEdge
IsIconic
GetWindowTextLengthA
GetClassInfoExA
BeginPaint
GetForegroundWindow
GetWindow
CloseWindow
GetParent
GetWindowTextA
EndPaint
AlignRects

wsock32

WSAAsyncGetServByPort
WSASetBlockingHook
WSACleanup
WSAGetLastError
WSAStartup

duser

AutoTrace

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ