487c282ce5b3c2f04c134b0e93b73e9c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

487c282ce5b3c2f04c134b0e93b73e9c_JaffaCakes118
Size

25KB
MD5

487c282ce5b3c2f04c134b0e93b73e9c
SHA1

d261fa2d3c148c3037ca8d6ed59129284ea05b2f
SHA256

e82d56d51c39fb2483c801a44cbf534939a94e186cb92717aa8009d2b273a4e0
SHA512

6e2ac25d6dfe980f27c378582abeda26c9bf1cf0db2f95b1ea56c5831c1b64887a9dce18f9714e9d4bf0ca1092dd8b9ea8a94d8b00970e02b84620701997d67b
SSDEEP

384:RsAWWg9n/cvhe96pOefxxXZ91Vi3Gruh9ZkxqaIX:RZlgRcJjOefxTzVi3Gruhcx34

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
487c282ce5b3c2f04c134b0e93b73e9c_JaffaCakes118

Files

487c282ce5b3c2f04c134b0e93b73e9c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4cf191a03e39a041a072c6f406a50747

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
lstrcpyn
GlobalAddAtomA
GetStdHandle
CloseHandle
ExitThread
RaiseException
ClearCommBreak
VirtualAlloc
GlobalCompact
LoadResource
GetCommState
GlobalLock
GlobalFindAtomA
GetOEMCP
GlobalFree
LocalSize
EnterCriticalSection
GetProcessHeap
DeleteAtom
GetProfileStringA

user32

GetDC
GetWindow
DrawEdge
GetParent
GetClassInfoExA
CloseWindow
GetWindowTextLengthA
RegisterClassA
ReleaseDC
GetForegroundWindow
ValidateRect
GetWindowTextA
GetActiveWindow
BeginPaint
ShowWindow
GetFocus
EndPaint
IsIconic
GetClassNameA

wsock32

WSAIsBlocking
WSAGetLastError
WSAAsyncSelect
WSACleanup
WSAStartup

duser

GetStdColorF

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ