875ee0a3a4a5106c6bdb375c2156f9f6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

875ee0a3a4a5106c6bdb375c2156f9f6_JaffaCakes118
Size

155KB
MD5

875ee0a3a4a5106c6bdb375c2156f9f6
SHA1

4887815e322fde1cb672368300580fe2207f9e2a
SHA256

96a0caaf7abe64dd9cde7647d74b5a3bfee1c38f479accd185aacda2ddc87c60
SHA512

9dbe89017184e720ffe8854a674dac434bbed59dbcf1a118f67ff9123bb76a63b81c534cb89bbefe7b43c5a967cebd3e2bc946166797cedbbe7774b44b53be89
SSDEEP

3072:jykviZpZ/GEhvn6k27iDxczI7L9x2tj7Hx05VkSo1yrolV:j1YppHpnWiDxEcL9e10qdk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
875ee0a3a4a5106c6bdb375c2156f9f6_JaffaCakes118

Files

875ee0a3a4a5106c6bdb375c2156f9f6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

188223032ce4fbfc589ea64826e40110

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
GlobalAddAtomA
SetCommBreak
LocalSize
GlobalFree
GetStdHandle
LoadLibraryExA
DeleteAtom
GlobalCompact
GetCommState
GlobalLock
GetProcessHeap
lstrcpyn
ExitThread
RaiseException
GetOEMCP
GlobalFindAtomA
CloseHandle
VirtualAlloc
LoadResource
GetProfileStringA

user32

GetActiveWindow
GetClassNameA
EndPaint
GetWindowTextA
BeginPaint
ReleaseDC
IsIconic
ValidateRect
CloseWindow
ShowWindow
GetForegroundWindow
GetWindow
AlignRects
DrawEdge
GetDC
GetClassInfoExA
GetFocus
GetParent
GetWindowTextLengthA

wsock32

WSASetBlockingHook
WSAAsyncGetServByPort
WSACleanup
WSAStartup
WSAGetLastError

duser

AutoTrace

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ