7269c217c9714930ecc9299548160b80_JaffaCakes118 | Triage

Sharing

General

Target

7269c217c9714930ecc9299548160b80_JaffaCakes118
Size

159KB
MD5

7269c217c9714930ecc9299548160b80
SHA1

b6e45624d43aa133521c5eb0d6760148e4a050bf
SHA256

d84cef02e265ec1e59816f2940c686b409842cff209c21a4467cbb5de1f3db80
SHA512

a8f38b0a679e23988c43c8fab62e5a42c968398b72265080fd93d2b8eea900f4446038e65c6e6947a5f2abf7689183f26ac20c6931e7a77fd6144937e795e1e8
SSDEEP

3072:kzYzOIVo6BjkhxuWB7k+8iH8Ba6qT2IYA8CLIqriFCs6S4G2G1UmI2:kzYKIVjjhK7kLicUxT2nCMqr0n6vdGeF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7269c217c9714930ecc9299548160b80_JaffaCakes118

Files

7269c217c9714930ecc9299548160b80_JaffaCakes118
.exe windows:4 windows x86 arch:x86

92ade2f1708192dfa7f6d8569173f6c0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
SetCommBreak
LocalSize
GetProfileStringA
GlobalFindAtomA
ExitThread
GetCommState
lstrcpyn
EnterCriticalSection
RaiseException
LoadResource
GetProcessHeap
VirtualAlloc
CloseHandle
GetStdHandle
GlobalAddAtomA
DeleteAtom
GlobalLock
GlobalCompact
LoadLibraryExA
GetOEMCP

user32

ShowWindow
CloseWindow
GetActiveWindow
GetDC
GetWindowTextLengthA
GetWindowTextA
ValidateRect
BeginPaint
GetForegroundWindow
AlignRects
GetParent
DrawEdge
GetClassNameA
GetClassInfoExA
EndPaint
IsIconic
ReleaseDC
GetFocus
GetWindow

wsock32

WSACleanup
WSAGetLastError
WSAAsyncGetServByPort
WSAStartup
WSASetBlockingHook

duser

AutoTrace

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ