4adfdc059136ebf94d5396baf9e91ef5_JaffaCakes118 | Triage

Sharing

General

Target

4adfdc059136ebf94d5396baf9e91ef5_JaffaCakes118
Size

317KB
MD5

4adfdc059136ebf94d5396baf9e91ef5
SHA1

e5ee06446f1ffa5720990c1d836f6d10512439ab
SHA256

ea5e0925be72cbf6902f0a78494611e2ed4356a8bc03b02a165997a527d60331
SHA512

d0b9a236c49674abd2f693951acfa21fff603942ee20efb81c2076d72e9096442aaf1c4043e8a092fd15e2a9199959079e73b55b2343758675afbc733393fb29
SSDEEP

6144:davERPh5qe7/JFB7XYdjSYGioU8DmiUtH:dNRP2e7/JFTD1UtH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4adfdc059136ebf94d5396baf9e91ef5_JaffaCakes118

Files

4adfdc059136ebf94d5396baf9e91ef5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

27d9f7be44685074017f4b84a8d875d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
GlobalFindAtomA
EnterCriticalSection
GlobalAddAtomA
GetProfileStringA
DeleteAtom
LocalFree
RaiseException
SetConsolePalette
SetCommBreak
GlobalLock
LoadLibraryExA
GlobalFree
CloseHandle
GetStdHandle
GetProcessHeap
VirtualAlloc
GetOEMCP
GlobalUnlock
lstrcat
HeapCreate

user32

GetFocus
AlignRects
ShowWindow
GetClassNameA
GetParent
ValidateRect
GetWindowTextLengthA
ReleaseDC
GetActiveWindow
BeginPaint
GetForegroundWindow
GetWindow
EndPaint
CloseWindow
GetClassInfoExA
GetWindowTextA
DrawEdge
GetDC
IsIconic

wsock32

WSAStartup
WSACleanup
WSASetBlockingHook
WSAAsyncGetServByPort
WSAGetLastError

linkinfo

CreateLinkInfoA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ