85ebe1d85cde39099a5a2451c6d075c9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

85ebe1d85cde39099a5a2451c6d075c9_JaffaCakes118
Size

313KB
MD5

85ebe1d85cde39099a5a2451c6d075c9
SHA1

f1547e63842b9a26297784f4422db09ccc8ffdeb
SHA256

a13b323727a0e183cf945cb2dcce210a9dcbc6d825756fd50cb38966c72a85bb
SHA512

d997a332e0a0345ea49ff4609eab3d82c8db42cf70c05c9be2855db731a05b4093cb1d49c40b27a77f71246344ae6711b58d6868baca90e739e1f52f50a8162b
SSDEEP

6144:qmuPH/wwALEUzYa1Qvq9bQDbafszUuXjncFTB91arSFGciNoixv4UOEs:qpP/wP44KyxQbaUzUuXUfgrpciNoixvy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
85ebe1d85cde39099a5a2451c6d075c9_JaffaCakes118

Files

85ebe1d85cde39099a5a2451c6d075c9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

700ca2021c96716b543ce038b08024ff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindAtomA
GetStdHandle
VirtualAlloc
RaiseException
CreateHardLinkA
GetProfileStringA
GlobalCompact
CloseHandle
EnterCriticalSection
DeleteAtom
GetOEMCP
GetProcessHeap
WriteProcessMemory
GetCommState
GetTapeStatus
ExitThread
ClearCommBreak
LoadLibraryExA
GlobalFlags
GlobalFree
GlobalLock

user32

DrawEdge
BeginPaint
ValidateRect
GetFocus
CloseWindow
GetWindowTextLengthA
ReleaseDC
IsIconic
GetClassNameA
GetForegroundWindow
ShowWindow
RegisterClassA
GetClassInfoExA
GetDC
GetParent
GetWindow
GetWindowTextA
EndPaint
GetActiveWindow

wsock32

WSAAsyncSelect
WSAIsBlocking
WSAGetLastError
WSACleanup
WSAStartup

dot3api

Dot3SetProfile

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ