34f77020c0a9094c007bc167d0cabd96_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

34f77020c0a9094c007bc167d0cabd96_JaffaCakes118
Size

175KB
MD5

34f77020c0a9094c007bc167d0cabd96
SHA1

f89a7ce226957bb9f256dd7fd1fa237749accdea
SHA256

180479d628c2deb78ff57349fadd5190c15b55a0549cf4686c9ee33a4ad8f80f
SHA512

5e911c7ba21c70c053c7cd68c828c2c3814a0d6b4e45974ae6f63bfca30e0e6968cf0e3b84cd15c0cd0d5be6935966ea4d852fd02e102750a8d2926165dbf325
SSDEEP

3072:yD9YZXGQzylaEAPYtsNQkl9jAwhbX7gs6YQWFNMliMMr3da4/rE5h:BZXJE4NQIvhP+iH3t4v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34f77020c0a9094c007bc167d0cabd96_JaffaCakes118

Files

34f77020c0a9094c007bc167d0cabd96_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c7c98ce95ea1ed2ada5e617d00e6ec10

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
GetStdHandle
LoadLibraryExA
IsBadCodePtr
WriteProfileStringA
LoadResource
RaiseException
SetCommBreak
GetLastError
GlobalAddAtomA
EnterCriticalSection
DeleteAtom
SetConsolePalette
GlobalAddAtomA
VirtualAlloc
GlobalFree
HeapCreate
CloseHandle
lstrcat
GetOEMCP
GlobalUnlock

user32

BeginPaint
EndPaint
GetWindowTextLengthA
CloseWindow
ShowWindow
GetParent
ValidateRect
GetForegroundWindow
IsIconic
GetDC
GetWindow
DrawEdge
GetWindowTextA
ReleaseDC
GetActiveWindow
GetFocus
AlignRects
GetClassNameA
GetClassInfoExA

wsock32

WSAGetLastError
WSAAsyncGetServByPort
WSAStartup
WSASetBlockingHook
WSACleanup

linkinfo

CreateLinkInfoA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ