63fbd3769505cf5d1b7730620723f739_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

63fbd3769505cf5d1b7730620723f739_JaffaCakes118
Size

417KB
MD5

63fbd3769505cf5d1b7730620723f739
SHA1

771954b735a15cafd29ef7acc04fcc2055d88516
SHA256

da9c21f6ae3c86529116119f8a116f3a3dd71c48e92905343303b5a52eb6f72c
SHA512

d14614d6e3cf0f1c4de0cd15b4dfc4be23624f3b6855c6b8e649972d51950cab0a1cc4c21de87f405eae887718f0db2293644e0a836500004d152708c694c49b
SSDEEP

6144:d4YCqLZh14jvgvqh9Q0CUSGTEkARBNDgbq8M9Mxdb9feBc1e:Rh1vqhi0Cy4kARLBak

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63fbd3769505cf5d1b7730620723f739_JaffaCakes118

Files

63fbd3769505cf5d1b7730620723f739_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bfc058d101b6384e66a62f761f10202f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
ClearCommBreak
GetOEMCP
GetProcessHeap
DeleteAtom
GetProfileStringA
LoadLibraryExA
GlobalLock
lstrcpyn
GlobalAddAtomA
CloseHandle
EnterCriticalSection
GetCommState
GlobalFindAtomA
VirtualAlloc
ExitThread
LocalSize
RaiseException
GetStdHandle
LoadResource
GlobalCompact

user32

DrawEdge
RegisterClassA
CloseWindow
GetWindowTextA
GetActiveWindow
GetForegroundWindow
GetParent
ValidateRect
GetFocus
IsIconic
GetWindow
GetDC
BeginPaint
ShowWindow
GetWindowTextLengthA
ReleaseDC
GetClassNameA
EndPaint
GetClassInfoExA

wsock32

WSAAsyncSelect
WSAStartup
WSACleanup
WSAGetLastError
WSAIsBlocking

duser

GetStdColorF

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ