753d55c3d03ad410c179dd6bb525bfc5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

753d55c3d03ad410c179dd6bb525bfc5_JaffaCakes118
Size

313KB
MD5

753d55c3d03ad410c179dd6bb525bfc5
SHA1

5190f95d3f55ccbc13d9b9d949f146fecd0b55c7
SHA256

186dfaca5b9d455b3307966178fa554c4425a83e9d8249e46bd6bcaaf6e706f7
SHA512

082d8b4389a0b9355d16d4f4e08676d7e4d1a835c96c93a59cd937f2396c064d583f8321f8bd405c7c6ae79a385612383d24e286cae53c10558ce9fa3233749a
SSDEEP

6144:SIIj5K14o/r+O7+1RKXrHJk5UXkalaqq8+8gXmgGVyuD1G0IUJmqHafm:6dK/S/2XrHJmR8NgGouRNBsqHem

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
753d55c3d03ad410c179dd6bb525bfc5_JaffaCakes118

Files

753d55c3d03ad410c179dd6bb525bfc5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

464bd100736417a36a241cff8f7ea06b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLangID
GlobalLock
GetStdHandle
GetCommState
CloseHandle
GetVolumePathNamesForVolumeNameA
GlobalFlags
GetOEMCP
ClearCommBreak
GetProcessHeap
EnterCriticalSection
GetProfileStringA
CreateJobSet
GetModuleHandleA
GlobalFree
CreateHardLinkA
VirtualAlloc
FindAtomA
ExitProcess
GetTapeStatus
FormatMessageA

user32

IsIconic
ReleaseDC
ValidateRect
GetDC
CloseWindow
GetWindow
GetForegroundWindow
GetActiveWindow
GetParent
EndPaint
BeginPaint
GetClassNameA
GetWindowTextLengthA
GetClassInfoExA
DrawEdge
ShowWindow
RegisterClassA
GetFocus
GetWindowTextA

wsock32

WSAIsBlocking
WSACleanup
WSAGetLastError
WSAStartup
WSAAsyncSelect

lpk

LpkInitialize

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ