8e12fd3e030a4749327f6975c28e4091_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8e12fd3e030a4749327f6975c28e4091_JaffaCakes118
Size

313KB
MD5

8e12fd3e030a4749327f6975c28e4091
SHA1

72346455ddce6da82fe39c92c82d166e4fb0f91c
SHA256

15fb8e01a0ea41d9ad0b00306b8742b01753184fabbf87c2de6b0cbb76fc6bd0
SHA512

c56eb86d65612d4a6c3ffa94c5d59731ca7e725471e2466d006fab0b4c9d2d2978f146572e6c8cc784cff82fb790e01585d9ad9c29d516e2df4f24499f83aa80
SSDEEP

6144:tbXkCB9cOEvq8MtzT9eg+VdeDPFhOyuKW/EXBfZnibHjFgJkWOK:trkCBO7EzU3ODdhOyuKfXnib5gEK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e12fd3e030a4749327f6975c28e4091_JaffaCakes118

Files

8e12fd3e030a4749327f6975c28e4091_JaffaCakes118
.exe windows:4 windows x86 arch:x86

82e55ed1a833b29ecb04d42728f8968e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
GetOEMCP
ExitThread
EnterCriticalSection
GetCommState
GlobalLock
LoadResource
DeleteAtom
CloseHandle
GlobalFindAtomA
GetProcessHeap
GlobalAddAtomA
GlobalCompact
GlobalFree
VirtualAlloc
lstrcpyn
LocalSize
RaiseException
SetCommBreak
GetProfileStringA
LoadLibraryExA

user32

EndPaint
GetDC
DrawEdge
GetForegroundWindow
ShowWindow
BeginPaint
IsIconic
GetWindowTextA
GetActiveWindow
GetFocus
GetClassInfoExA
ReleaseDC
ValidateRect
GetWindowTextLengthA
AlignRects
CloseWindow
GetWindow
GetParent
GetClassNameA

wsock32

WSAGetLastError
WSAAsyncGetServByPort
WSASetBlockingHook
WSACleanup
WSAStartup

duser

AutoTrace

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ