43af2e59746f7a2e968c8ace4cc8ae0a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

43af2e59746f7a2e968c8ace4cc8ae0a_JaffaCakes118
Size

159KB
MD5

43af2e59746f7a2e968c8ace4cc8ae0a
SHA1

47a943f3bccc69def6518795ef9c5aaf9f361d06
SHA256

d8801edeede65abab1b16a85210a5b96721cfa9750b5410f174423910c702306
SHA512

506a7520db16f7258309022706ce832fd0f3859a745b951a56bb0e2813daa8c47d7dffd0b0adc2c02440ce12b369b704d5ed61e44ef95444b01f48144fc5739d
SSDEEP

3072:nDKJEER9s+gMy2RWzi697d82g1vvnCFBH2z1anjCjE5czS/uhvarAdqcg:ks+B70L6vvnCFBH2QjCo5czIro

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43af2e59746f7a2e968c8ace4cc8ae0a_JaffaCakes118

Files

43af2e59746f7a2e968c8ace4cc8ae0a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

743abf18b8826d470a38d120f3e7a65d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
DeleteAtom
GetOEMCP
IsBadCodePtr
HeapCreate
EnterCriticalSection
GlobalUnlock
LocalFree
SetCommBreak
GlobalAddAtomA
lstrcat
GetStdHandle
VirtualAlloc
WriteProfileStringA
LoadLibraryExA
SetConsolePalette
LoadResource
GetLastError
GlobalAddAtomA
GlobalFree
CloseHandle

user32

GetClassInfoExA
GetFocus
ReleaseDC
ShowWindow
CloseWindow
GetWindow
EndPaint
GetWindowTextA
BeginPaint
ValidateRect
GetClassNameA
IsIconic
DrawEdge
AlignRects
GetWindowTextLengthA
GetActiveWindow
GetForegroundWindow
GetDC
GetParent

wsock32

WSAStartup
WSACleanup
WSASetBlockingHook
WSAAsyncGetServByPort
WSAGetLastError

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ