84e722311a660c94f0b4e17ab490c3b6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

84e722311a660c94f0b4e17ab490c3b6_JaffaCakes118
Size

417KB
MD5

84e722311a660c94f0b4e17ab490c3b6
SHA1

fd93888b323eaaf79dc1ab379f756744816a41a1
SHA256

5a553024b8b93e371a253726f65b805787d0d2354047390340ced94ae3581eb6
SHA512

5e2a9bd9a77141a78f06336279da47a40f76359f63d61a23b52da6eaac3a4e13cd10291b9a2c395a5ebc2c1efa62c2fd27bad561728bda47593ddd48f6c86769
SSDEEP

12288:yP/wP44KyxQbaUzUuXUfgrpciNoixv4U3:14uLUzU8egtd/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
84e722311a660c94f0b4e17ab490c3b6_JaffaCakes118

Files

84e722311a660c94f0b4e17ab490c3b6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

33c48bad1832a8eb15b49116f997290d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommState
ClearCommBreak
GetOEMCP
GlobalCompact
LoadLibraryExA
GlobalFlags
RaiseException
GlobalAddAtomA
GlobalLock
EnterCriticalSection
GetStdHandle
GlobalFree
ExitThread
VirtualAlloc
WriteProcessMemory
GetProfileStringA
FindAtomA
DeleteAtom
GetProcessHeap
CloseHandle
LoadResource

user32

EndPaint
RegisterClassA
GetDC
ShowWindow
GetClassInfoExA
ReleaseDC
GetActiveWindow
IsIconic
ValidateRect
GetWindowTextLengthA
GetWindow
GetWindowTextA
DrawEdge
GetFocus
GetParent
GetClassNameA
GetForegroundWindow
BeginPaint
CloseWindow

wsock32

WSACleanup
WSAAsyncSelect
WSAGetLastError
WSAIsBlocking
WSAStartup

dot3api

Dot3SetProfile

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ