729af71fac70a9128881e81cab477a84_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

729af71fac70a9128881e81cab477a84_JaffaCakes118
Size

313KB
MD5

729af71fac70a9128881e81cab477a84
SHA1

bfc3cdad68e65db83c439078083e761be5c11699
SHA256

17e56e802f64bf73601b49e1c501bf77905f5dedf58cc6301670d09cbfe0bac4
SHA512

cfb1db736778f03f6cdd6980fe0717efebb7ed62bdf82f1b3c7e10b67828d4db19ec874393624c0359a4e162692b68ae1d3da9a8678f049655608172a8fdbc17
SSDEEP

6144:EPH/wwALEUzYa1Qvq9bQDbafszUuXjncFTB91arSFGciNoixv4UOEs:EP/wP44KyxQbaUzUuXUfgrpciNoixv4H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
729af71fac70a9128881e81cab477a84_JaffaCakes118

Files

729af71fac70a9128881e81cab477a84_JaffaCakes118
.exe windows:4 windows x86 arch:x86

75f477dc75dca01721a88fc764fe183f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteProcessMemory
GlobalCompact
GlobalFlags
ExitThread
GlobalLock
GetProcessHeap
GetTapeStatus
ClearCommBreak
EnterCriticalSection
GetStdHandle
CreateHardLinkA
VirtualAlloc
GetProfileStringA
CloseHandle
LoadLibraryExA
DeleteAtom
RaiseException
GetOEMCP
GlobalFree
GetCommState
FindAtomA

user32

DrawEdge
GetWindowTextA
RegisterClassA
GetWindowTextLengthA
GetParent
EndPaint
GetClassInfoExA
GetFocus
GetWindow
ReleaseDC
GetActiveWindow
ValidateRect
IsIconic
GetDC
GetClassNameA
CloseWindow
BeginPaint
GetForegroundWindow
ShowWindow

wsock32

WSAGetLastError
WSAIsBlocking
WSACleanup
WSAAsyncSelect
WSAStartup

dot3api

Dot3SetProfile

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ