8b304f00ac4e58e7a25cef10b97fc217_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8b304f00ac4e58e7a25cef10b97fc217_JaffaCakes118
Size

417KB
MD5

8b304f00ac4e58e7a25cef10b97fc217
SHA1

49d371de7b0fabf5d407cd5e7c385311336a21a4
SHA256

1631e3f0d7cbdf0786b2fd46167a8fe8384411b4bcad532785c2ef2386bcf978
SHA512

f9f2c00299df56bc545424b13e77180c822f587c42fe784ee4ab2c497debfc6a60e8738144644e8bee6e2078f9959c8283a5ced17a56aff7d89f70f93bdbb41c
SSDEEP

6144:24f5pjA6EstDkoCDuG6K4nY+zIZJz5GyCY6ootoA4t/T4RgU:bA6ESDkoUuBfqR50YPot3e/Tg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b304f00ac4e58e7a25cef10b97fc217_JaffaCakes118

Files

8b304f00ac4e58e7a25cef10b97fc217_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b43ea9e8686adf5c7c40d293587b8b42

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
SetCommBreak
GlobalFindAtomA
VirtualAlloc
LoadLibraryExA
EnterCriticalSection
RaiseException
ExitThread
GetOEMCP
GetProcessHeap
LocalSize
GetStdHandle
GetProfileStringA
GlobalLock
GlobalFree
GlobalAddAtomA
GetCommState
lstrcpyn
GlobalCompact
LoadResource
DeleteAtom

user32

ReleaseDC
GetWindow
GetClassInfoExA
AlignRects
GetParent
IsIconic
ShowWindow
GetWindowTextLengthA
EndPaint
BeginPaint
ValidateRect
GetFocus
GetForegroundWindow
GetActiveWindow
CloseWindow
GetClassNameA
GetDC
DrawEdge
GetWindowTextA

wsock32

WSACleanup
WSASetBlockingHook
WSAAsyncGetServByPort
WSAGetLastError
WSAStartup

duser

AutoTrace

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ