84cd6151210b349560a8e74acc83c86f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

84cd6151210b349560a8e74acc83c86f_JaffaCakes118
Size

417KB
MD5

84cd6151210b349560a8e74acc83c86f
SHA1

e4ec83ac8db52f805eff05e63e5b78da481450a0
SHA256

ccb15479e2d73e4b32420205d4f902050740e7b1462f8b303834f0a0dcb66673
SHA512

1038b976790401844d953e68c67253a61b3862427a26568b6928202c5709e5094cb7b51fdedf193d106f5e25417fa6cc63e1f21ab59b3fd3ca263e2f5a00dea7
SSDEEP

6144:Qv4YCqLZh14jvgvqh9Q0CUSGTEkARBNDgbq8M9Mxdb9feBc1e:QLh1vqhi0Cy4kARLBak

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
84cd6151210b349560a8e74acc83c86f_JaffaCakes118

Files

84cd6151210b349560a8e74acc83c86f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4a0e36e452cb59d3d9d6f0f820128aa3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFindAtomA
GlobalAddAtomA
LoadLibraryExA
DeleteAtom
CloseHandle
GlobalLock
ClearCommBreak
LoadResource
GetStdHandle
ExitThread
EnterCriticalSection
VirtualAlloc
RaiseException
GlobalCompact
GetCommState
lstrcpyn
LocalSize
GlobalFree
GetProfileStringA
GetProcessHeap
GetOEMCP

user32

RegisterClassA
IsIconic
GetClassNameA
BeginPaint
EndPaint
GetDC
ValidateRect
GetParent
DrawEdge
GetWindowTextA
GetWindowTextLengthA
CloseWindow
ReleaseDC
GetClassInfoExA
GetForegroundWindow
GetFocus
GetWindow
ShowWindow
GetActiveWindow

wsock32

WSAIsBlocking
WSAGetLastError
WSAStartup
WSAAsyncSelect
WSACleanup

duser

GetStdColorF

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ