4691c6d52b6b2ae19e8b0b7bfaae9869_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4691c6d52b6b2ae19e8b0b7bfaae9869_JaffaCakes118
Size

162KB
MD5

4691c6d52b6b2ae19e8b0b7bfaae9869
SHA1

84ad2c05288c0acfee23dcc7975a6a56370c0e1d
SHA256

c03162595a49ad6ca1f16531732555841906d5c6fdffc4f950f1590a5ff8afbb
SHA512

cfeae2008be408ea93bb452e67905102ebb7a363d1985a2bf3ecab56542f456027a8d31149fc79874e42eca9f9ad929c2ab77e8a1e3bdb68a50e403773cc8a21
SSDEEP

3072:oVszfIcmaGc6HS+qKAkUPQsMgCzXrXhLz9XhMQnpKQwc0NfCNlpa4ePlq3:TzfIc4c6HSfHk8QsrCzXd3RhnpKQwvfE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4691c6d52b6b2ae19e8b0b7bfaae9869_JaffaCakes118

Files

4691c6d52b6b2ae19e8b0b7bfaae9869_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f8d854bd0a790b6d17ff12431482e5d8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
LocalSize
GlobalFree
GetOEMCP
GlobalCompact
LoadLibraryExA
GetCommState
GetProcessHeap
CloseHandle
GlobalFindAtomA
lstrcpyn
ExitThread
VirtualAlloc
EnterCriticalSection
DeleteAtom
LoadResource
GetStdHandle
SetCommBreak
GetProfileStringA
RaiseException
GlobalAddAtomA

user32

IsIconic
ValidateRect
GetForegroundWindow
GetFocus
GetWindowTextA
ReleaseDC
GetWindowTextLengthA
GetDC
AlignRects
GetClassInfoExA
ShowWindow
GetClassNameA
BeginPaint
GetActiveWindow
CloseWindow
GetParent
DrawEdge
EndPaint
GetWindow

wsock32

WSASetBlockingHook
WSAAsyncGetServByPort
WSAStartup
WSAGetLastError
WSACleanup

duser

AutoTrace

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ