70639f7e3ff902736b987129dc3ad681_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

70639f7e3ff902736b987129dc3ad681_JaffaCakes118
Size

413KB
MD5

70639f7e3ff902736b987129dc3ad681
SHA1

9b817037ab8a874d6ab5d823865cb49645a640e1
SHA256

a336936be7e6303dcf62d198f2c12d01d174cc84dd310fb7eba3a38352db66c6
SHA512

1e8061cc9b7f271ff3fb544c48bf7a77965273b69baf44bd1cf78d2ce5278d08063c3f048d9117330f6d0dc4aad586eba1280178f04c46829fadc94d6211ad80
SSDEEP

6144:fcTRLFhpIY/houf4qLAdlwzsT8pdUNhcxckiWZe6YB3W2viZsSQ:klxhikhoS4qL6iwTayNhcwaSBGZmS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70639f7e3ff902736b987129dc3ad681_JaffaCakes118

Files

70639f7e3ff902736b987129dc3ad681_JaffaCakes118
.exe windows:4 windows x86 arch:x86

80cea72a126d509d6f50d3e9fb915095

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateHardLinkA
GlobalLock
VirtualAlloc
GlobalFlags
FindAtomA
GetTapeStatus
CreateJobSet
GetModuleHandleA
GetVolumePathNameA
EnterCriticalSection
FormatMessageA
ExitProcess
GlobalFree
GetCommState
GetStdHandle
GetUserDefaultLangID
GetOEMCP
ClearCommBreak
GetProcessHeap
GetProfileStringA
CloseHandle

user32

GetActiveWindow
EndPaint
GetParent
GetDC
GetClassNameA
RegisterClassA
GetForegroundWindow
DrawEdge
CloseWindow
BeginPaint
ShowWindow
ReleaseDC
GetWindow
ValidateRect
GetWindowTextA
GetWindowTextLengthA
IsIconic
GetClassInfoExA
GetFocus

gdi32

GetColorSpace
CreateDCA
CreateDIBitmap
GetCharWidthA
ExtCreatePen

sxs

SxsLookupClrGuid

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ