6a2310cada35715e6208de21d9d183ec_JaffaCakes118 | Triage

Sharing

General

Target

6a2310cada35715e6208de21d9d183ec_JaffaCakes118
Size

314KB
MD5

6a2310cada35715e6208de21d9d183ec
SHA1

719c9af67e9617536b78b70d270147e5c6d5c5f3
SHA256

059345c4be34e080aeb7980f0711fa54c1ecb8f371828399be908d703de66008
SHA512

478242604ad113a87afa5d91b6f4771199cae7c17413332f69324f16d9b81d2dbfca8b698191388c3fbdd2ced4a5a579ba10944f2b3947301174dd86a5d52dac
SSDEEP

6144:n4f5pjA6EstDkoCDuG6K4nY+zIZJz5GyCY6ootoA4t/T4RgU0:aA6ESDkoUuBfqR50YPot3e/Tg6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a2310cada35715e6208de21d9d183ec_JaffaCakes118

Files

6a2310cada35715e6208de21d9d183ec_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0affa3e771958f0182d136a11fb2ec2f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitThread
LoadResource
GlobalFindAtomA
GlobalLock
LoadLibraryExA
RaiseException
GlobalCompact
LocalSize
lstrcpyn
VirtualAlloc
GetCommState
GetProcessHeap
GlobalAddAtomA
CloseHandle
SetCommBreak
GetProfileStringA
DeleteAtom
GetOEMCP
EnterCriticalSection
GetStdHandle
GlobalFree

user32

ValidateRect
GetClassInfoExA
GetClassNameA
GetFocus
GetWindowTextLengthA
GetDC
GetParent
GetWindowTextA
GetForegroundWindow
GetWindow
IsIconic
DrawEdge
GetActiveWindow
ReleaseDC
EndPaint
AlignRects
CloseWindow
ShowWindow
BeginPaint

wsock32

WSASetBlockingHook
WSAStartup
WSAGetLastError
WSACleanup
WSAAsyncGetServByPort

duser

AutoTrace

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ