5c9ac2b3c9e0fb50e37d036d678e0452_JaffaCakes118 | Triage

Sharing

General

Target

5c9ac2b3c9e0fb50e37d036d678e0452_JaffaCakes118
Size

155KB
MD5

5c9ac2b3c9e0fb50e37d036d678e0452
SHA1

e529bc408b5aaae2234efc0cd67407931c466112
SHA256

40f604950809aaa2707e5a3030778c71b060c79f64d21c0977e98043b9b9d330
SHA512

9b6e42a566d81d43fb8e696715d5b3d335b6cf90d315ffce4b70b16a2b080aea5d5fee1cca38feec300bdb768830c28b39882012a41047c78471bc4114557aa1
SSDEEP

3072:3+Tu4HSSzbwMfi1m0YqkkCLdZLz+bmDcVFCPXol2:O6SzUo0Y8egbqhXol2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c9ac2b3c9e0fb50e37d036d678e0452_JaffaCakes118

Files

5c9ac2b3c9e0fb50e37d036d678e0452_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ed673a63800fbe6b52a33a04ad3e37e7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileStringA
CloseHandle
GetStdHandle
lstrcpyn
LoadLibraryExA
LocalSize
GetCommState
GlobalFree
GetOEMCP
GlobalAddAtomA
LoadResource
GlobalLock
RaiseException
GlobalFindAtomA
ExitThread
GetProcessHeap
VirtualAlloc
DeleteAtom
GlobalCompact
SetCommBreak
EnterCriticalSection

user32

ValidateRect
GetClassInfoExA
GetFocus
ReleaseDC
GetWindow
CloseWindow
DrawEdge
AlignRects
IsIconic
GetForegroundWindow
GetClassNameA
GetActiveWindow
ShowWindow
BeginPaint
GetDC
GetWindowTextLengthA
EndPaint
GetWindowTextA
GetParent

wsock32

WSASetBlockingHook
WSAStartup
WSAAsyncGetServByPort
WSAGetLastError
WSACleanup

duser

AutoTrace

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ