74af35ac56049d431a87eafcd068b34d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

74af35ac56049d431a87eafcd068b34d_JaffaCakes118
Size

405KB
MD5

74af35ac56049d431a87eafcd068b34d
SHA1

bac528ca2d07db411e1a3b4dcfe9cfa6250a472b
SHA256

c9e9ef49e532483b69bb04f0ece9ce0acef66ea4bedbca212c80f77b53a49aa9
SHA512

ef94684f9f44103469c40241c175ad2bbd8b9f86ed52e79b53b04e257ee18accb90990a272c000345ad1440beabe3813469009e7282e48ac574994c80fe5dfdd
SSDEEP

6144:CtUvzin7XJXsPpmvUEgYZX3MBP4Q6LJycccrp0GiLBiGpsNZoN:CtkO7XJX+4DgYBu4NtyccEfcowsNZO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74af35ac56049d431a87eafcd068b34d_JaffaCakes118

Files

74af35ac56049d431a87eafcd068b34d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

521a3c541535be8427e6500ef34cbe17

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
ExitThread
GetStdHandle
LoadResource
LoadLibraryExA
DeleteAtom
RaiseException
GetProcessHeap
GetProfileStringA
CloseHandle
LocalSize
GlobalFindAtomA
lstrcat
GlobalFree
EnterCriticalSection
GetOEMCP
GlobalLock
VirtualAlloc
SetConsolePalette
GlobalAddAtomA
SetCommBreak

user32

GetWindowTextA
GetFocus
EndPaint
GetParent
BeginPaint
ReleaseDC
GetDC
ValidateRect
CloseWindow
AlignRects
GetWindowTextLengthA
GetClassInfoExA
GetWindow
DrawEdge
GetActiveWindow
GetForegroundWindow
GetClassNameA
IsIconic
ShowWindow

wsock32

WSAAsyncGetServByPort
WSAStartup
WSAGetLastError
WSACleanup
WSASetBlockingHook

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ