95b59bb5ed4608c9292f4b277d5d0021_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

95b59bb5ed4608c9292f4b277d5d0021_JaffaCakes118
Size

146KB
MD5

95b59bb5ed4608c9292f4b277d5d0021
SHA1

60e036ed6b527837c57985a85c5d71127aa0414a
SHA256

1d1f6e1eb5c8d4aae6d391bd736692c7b0539cbd67832036133d8d99a7ad6778
SHA512

fea2e230aacfb49189363d95fd90be88c1a5e0bba7b90153ce99de6585d496514b142d58af6c2b2a1566a13544d879a0e70b1731f5ba4be70e1674ddc62b758c
SSDEEP

3072:uDXw3eLnYwsPEBii2V9+UBtSxV8/yPvQkDajfRdxH9f:GwCnyPQiL9rq38/svQkeNndf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95b59bb5ed4608c9292f4b277d5d0021_JaffaCakes118

Files

95b59bb5ed4608c9292f4b277d5d0021_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a6901bd508673c7dc38564d4d9775e6b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
EnterCriticalSection
GetProcessHeap
DeleteAtom
GetStdHandle
SetCommBreak
GlobalUnlock
LoadResource
HeapCreate
GlobalFindAtomA
GetProfileStringA
GlobalLock
GlobalFree
GlobalAddAtomA
LoadLibraryExA
lstrcat
VirtualAlloc
SetConsolePalette
CloseHandle
RaiseException
LocalFree

user32

GetActiveWindow
GetForegroundWindow
GetClassNameA
BeginPaint
ShowWindow
GetParent
DrawEdge
GetFocus
CloseWindow
GetDC
GetClassInfoExA
ReleaseDC
IsIconic
GetWindowTextLengthA
ValidateRect
EndPaint
AlignRects
GetWindowTextA
GetWindow

wsock32

WSACleanup
WSASetBlockingHook
WSAStartup
WSAGetLastError
WSAAsyncGetServByPort

linkinfo

CreateLinkInfoA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ