481543d9a163c7b08e98c34ae0e86f0b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

481543d9a163c7b08e98c34ae0e86f0b_JaffaCakes118
Size

417KB
MD5

481543d9a163c7b08e98c34ae0e86f0b
SHA1

820c367f37fd36712617ec888977f52a04a03e4a
SHA256

a3dca6ad97c65e3a46b51119b94c3e9702a55a2a618ffbbada10935f64338b27
SHA512

98e45bbca6a8b775ac210b77386e52078fad53b834492609372a5f5faaf3d98fd01d62b8bf9d8dc37c89d473c096f51852133e7bfc3cd1f696e845f5b540d932
SSDEEP

6144:a4YCqLZh14jvgvqh9Q0CUSGTEkARBNDgbq8M9Mxdb9feBc1e:wh1vqhi0Cy4kARLBak

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
481543d9a163c7b08e98c34ae0e86f0b_JaffaCakes118

Files

481543d9a163c7b08e98c34ae0e86f0b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cc7300f223611199a5c988f6a01f0938

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
GlobalCompact
LoadResource
LocalSize
GetOEMCP
GlobalLock
VirtualAlloc
EnterCriticalSection
ClearCommBreak
GlobalFree
DeleteAtom
CloseHandle
ExitThread
GetCommState
lstrcpyn
GlobalAddAtomA
GetStdHandle
LoadLibraryExA
GetProfileStringA
GetProcessHeap
GlobalFindAtomA

user32

IsIconic
CloseWindow
GetActiveWindow
GetWindow
BeginPaint
ShowWindow
GetWindowTextA
GetClassInfoExA
RegisterClassA
GetFocus
GetWindowTextLengthA
GetClassNameA
ValidateRect
GetDC
GetParent
EndPaint
ReleaseDC
DrawEdge
GetForegroundWindow

wsock32

WSACleanup
WSAStartup
WSAIsBlocking
WSAAsyncSelect
WSAGetLastError

duser

GetStdColorF

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ