721d9121f538c3b440e8381c2fd4605c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

721d9121f538c3b440e8381c2fd4605c_JaffaCakes118
Size

317KB
MD5

721d9121f538c3b440e8381c2fd4605c
SHA1

fc6aac2f778c5c33239c00105ae330e38d200053
SHA256

9fedda03eea4ccbbdbfa376390e98f73f943806383860e9a7d8e41ce91e54e95
SHA512

0749adcb1df24d64c67adab65792ad090bf9cdc34b17e1cde4208dae68c533b25851edcd331d7a29a25c4870fab60fa6c1fdd8d8bf5909e73a8cf6efaf2dad7b
SSDEEP

6144:HBvERPh5qe7/JFB7XYdjSYGioU8DmiUtH:HCRP2e7/JFTD1UtH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
721d9121f538c3b440e8381c2fd4605c_JaffaCakes118

Files

721d9121f538c3b440e8381c2fd4605c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

103495be1059896f53855f8c4ecaa197

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
RaiseException
EnterCriticalSection
DeleteAtom
VirtualAlloc
WriteProfileStringA
CloseHandle
LoadLibraryExA
GetLastError
GlobalAddAtomA
GetStdHandle
GetOEMCP
IsBadCodePtr
LoadResource
HeapCreate
GlobalUnlock
SetCommBreak
SetConsolePalette
GlobalAddAtomA
LocalFree
lstrcat

user32

BeginPaint
IsIconic
DrawEdge
ShowWindow
GetParent
GetForegroundWindow
GetWindowTextA
GetFocus
GetWindowTextLengthA
GetClassNameA
CloseWindow
ValidateRect
AlignRects
GetDC
GetClassInfoExA
GetActiveWindow
EndPaint
GetWindow
ReleaseDC

wsock32

WSASetBlockingHook
WSAAsyncGetServByPort
WSACleanup
WSAStartup
WSAGetLastError

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ