7419c5bdeba074406ba04a4623b5ff53_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7419c5bdeba074406ba04a4623b5ff53_JaffaCakes118
Size

175KB
MD5

7419c5bdeba074406ba04a4623b5ff53
SHA1

613e25ceafb7fe4a84fc4f4bda14d1dd8edbe25e
SHA256

5a383ce066220580dfa39ecbe097bbe26831ef11666fea0db43eafbe9d9fb532
SHA512

a1b8ff9697f1f9d8279aa5c440617740f31063c242bd403adbf101cba751661d4e993dbbd81a240f56ed5c2e2ec23af42b7967b13df2071060aef65d0ee5311d
SSDEEP

3072:K2e5wew836NgSFQUWDQm4PEb+lENLsSdiFPcd2GQcUl37BaU113U9hxSo55ck:HeqI3u3m4PErLBdipcd2DcUh7Bao1k9r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7419c5bdeba074406ba04a4623b5ff53_JaffaCakes118

Files

7419c5bdeba074406ba04a4623b5ff53_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c0e003822593471230ae7708e2381531

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileStringA
GetProcessHeap
SetConsolePalette
GlobalAddAtomA
CloseHandle
LoadLibraryExA
GetStdHandle
EnterCriticalSection
GlobalLock
SetCommBreak
lstrcpyn
GetLocalTime
LocalSize
ExitThread
GlobalFree
VirtualAlloc
DeleteAtom
RaiseException
GlobalFindAtomA
LoadResource
GetOEMCP

user32

GetActiveWindow
ValidateRect
GetWindow
GetWindowTextLengthA
GetClassNameA
AlignRects
IsIconic
GetFocus
BeginPaint
CloseWindow
GetClassInfoExA
GetDC
GetForegroundWindow
ShowWindow
ReleaseDC
GetParent
GetWindowTextA
DrawEdge
EndPaint

wsock32

WSAAsyncGetServByPort
WSAGetLastError
WSACleanup
WSAStartup
WSASetBlockingHook

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ