718201d6149ecb662273df167d8b9030_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

718201d6149ecb662273df167d8b9030_JaffaCakes118
Size

314KB
MD5

718201d6149ecb662273df167d8b9030
SHA1

9ff07ab1f70320119a5041e1257d97bfd3adadac
SHA256

d2ccad62db7bec24521678f3159f49f8bcd2bb67e07cf9798a6de23d9d6d8411
SHA512

03fa2247a65c3af54b9d368fb156a2a7720f0eda0c8e42eca5b857356917e75da8914fdcb2d28e6b66497d477e1fa445909d410fdc71d953cf0014cf3e131b00
SSDEEP

6144:z4f5pjA6EstDkoCDuG6K4nY+zIZJz5GyCY6ootoA4t/T4RgU0:2A6ESDkoUuBfqR50YPot3e/Tg6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
718201d6149ecb662273df167d8b9030_JaffaCakes118

Files

718201d6149ecb662273df167d8b9030_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fa3093cbd43c9c3143d20b96a1e9fd13

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
GetCommState
GetProcessHeap
GetStdHandle
VirtualAlloc
LoadResource
LocalSize
GlobalFree
SetCommBreak
GlobalAddAtomA
DeleteAtom
ExitThread
CloseHandle
RaiseException
GlobalCompact
EnterCriticalSection
GlobalFindAtomA
GlobalLock
GetProfileStringA
LoadLibraryExA
lstrcpyn

user32

IsIconic
ReleaseDC
AlignRects
GetParent
DrawEdge
GetActiveWindow
EndPaint
GetWindowTextLengthA
GetClassNameA
ShowWindow
GetWindow
CloseWindow
BeginPaint
ValidateRect
GetForegroundWindow
GetFocus
GetDC
GetWindowTextA
GetClassInfoExA

wsock32

WSAAsyncGetServByPort
WSAGetLastError
WSAStartup
WSASetBlockingHook
WSACleanup

duser

AutoTrace

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ