972ad5fbadc43eddd85a8089b2fd5c79_JaffaCakes118 | Triage

Sharing

General

Target

972ad5fbadc43eddd85a8089b2fd5c79_JaffaCakes118
Size

314KB
MD5

972ad5fbadc43eddd85a8089b2fd5c79
SHA1

d0682f7f7d3f2e8c185d3b0729678e0c70f67834
SHA256

35fb14fa4c6ad0e501515e67840e7a98a5a098dd624468cdfc369eda6022c535
SHA512

7e55414366c5f5c8f120759d86f4f8effa738e5fac58b56e985046866c43dc8a3289798efa1e79609708da9c033ca10d2efd916270e40287e5c317b0a359f055
SSDEEP

6144:0C4f5pjA6EstDkoCDuG6K4nY+zIZJz5GyCY6ootoA4t/T4RgU0:SA6ESDkoUuBfqR50YPot3e/Tg6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
972ad5fbadc43eddd85a8089b2fd5c79_JaffaCakes118

Files

972ad5fbadc43eddd85a8089b2fd5c79_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4e998bf8baccbcbf71daa10f936b8bca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
GetStdHandle
GlobalFree
GetCommState
GlobalLock
CloseHandle
GlobalCompact
lstrcpyn
RaiseException
GetOEMCP
GlobalAddAtomA
GetProcessHeap
VirtualAlloc
GlobalFindAtomA
SetCommBreak
DeleteAtom
GetProfileStringA
EnterCriticalSection
LocalSize
LoadResource
ExitThread

user32

CloseWindow
GetWindow
IsIconic
GetClassNameA
GetForegroundWindow
GetWindowTextA
ValidateRect
GetFocus
GetWindowTextLengthA
DrawEdge
ShowWindow
GetActiveWindow
AlignRects
GetDC
BeginPaint
ReleaseDC
EndPaint
GetParent
GetClassInfoExA

wsock32

WSAGetLastError
WSASetBlockingHook
WSAAsyncGetServByPort
WSAStartup
WSACleanup

duser

AutoTrace

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ