485af8328252a174b8c7925db3f0e73e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

485af8328252a174b8c7925db3f0e73e_JaffaCakes118
Size

150KB
MD5

485af8328252a174b8c7925db3f0e73e
SHA1

7f35073c3f8b79a07d8c7f41f8cb7d5fd0d4a6ea
SHA256

07fbd122a21719a580368dd16c637c9ef99f6bc20bc6880fcbf45bff0500e490
SHA512

d42dbdd62daf83cfd9d5e61b0502e121365c5221ee90320ad630cf622c585b7dada405e0b14eecfe93b351a799449f1abc18ed3bd6de7038a0123b03eecda0af
SSDEEP

3072:hDE2dZv8yMQic3btpbF4HmXsP/8/vOwYluDXgLaR7:VTv5Gc3btdvw/22w6QgLal

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
485af8328252a174b8c7925db3f0e73e_JaffaCakes118

Files

485af8328252a174b8c7925db3f0e73e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ee8bbcf7a9715c469de570a76731ac31

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
GetOEMCP
SetConsolePalette
GetStdHandle
VirtualAlloc
WriteProfileStringA
CloseHandle
RaiseException
GlobalAddAtomA
HeapCreate
LoadLibraryExA
LocalFree
DeleteAtom
GetLastError
lstrcat
EnterCriticalSection
GlobalFree
GlobalUnlock
SetCommBreak
GlobalAddAtomA
IsBadCodePtr

user32

BeginPaint
GetWindowTextLengthA
CloseWindow
EndPaint
GetFocus
GetForegroundWindow
GetWindow
DrawEdge
ShowWindow
GetDC
ReleaseDC
GetWindowTextA
ValidateRect
IsIconic
GetActiveWindow
GetClassInfoExA
AlignRects
GetParent
GetClassNameA

wsock32

WSAAsyncGetServByPort
WSACleanup
WSAStartup
WSASetBlockingHook
WSAGetLastError

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ