6621c579195affe5bef356d6b2c569c5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6621c579195affe5bef356d6b2c569c5_JaffaCakes118
Size

314KB
MD5

6621c579195affe5bef356d6b2c569c5
SHA1

0a21a0efe1998e1fdf11f7b29a3846c9b0fbaa9d
SHA256

052c32312b9f59e1de8c9ee56daba0521c83357d7dc39e3fdfc165d908686b38
SHA512

44fdd2f67abdef163cce470feb89a49c83ba629faaa2a0c63ae34fa39aaa8613d539495ff1e84a54de1d3ed9546d7caab41caf670c0bacc74c7c2472445d3fc0
SSDEEP

6144:64f5pjA6EstDkoCDuG6K4nY+zIZJz5GyCY6ootoA4t/T4RgU0:vA6ESDkoUuBfqR50YPot3e/Tg6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6621c579195affe5bef356d6b2c569c5_JaffaCakes118

Files

6621c579195affe5bef356d6b2c569c5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0affa3e771958f0182d136a11fb2ec2f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitThread
LoadResource
GlobalFindAtomA
GlobalLock
LoadLibraryExA
RaiseException
GlobalCompact
LocalSize
lstrcpyn
VirtualAlloc
GetCommState
GetProcessHeap
GlobalAddAtomA
CloseHandle
SetCommBreak
GetProfileStringA
DeleteAtom
GetOEMCP
EnterCriticalSection
GetStdHandle
GlobalFree

user32

ValidateRect
GetClassInfoExA
GetClassNameA
GetFocus
GetWindowTextLengthA
GetDC
GetParent
GetWindowTextA
GetForegroundWindow
GetWindow
IsIconic
DrawEdge
GetActiveWindow
ReleaseDC
EndPaint
AlignRects
CloseWindow
ShowWindow
BeginPaint

wsock32

WSASetBlockingHook
WSAStartup
WSAGetLastError
WSACleanup
WSAAsyncGetServByPort

duser

AutoTrace

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ