a45c1f2f26383f4161842e3c3b0c140c_JaffaCakes118 | Triage

Sharing

General

Target

a45c1f2f26383f4161842e3c3b0c140c_JaffaCakes118
Size

313KB
MD5

a45c1f2f26383f4161842e3c3b0c140c
SHA1

8ce2dbbe4dbe19fdf30bb73d8127368cd8f844e7
SHA256

42d76c894d3696a621ae2e8999723d796a1fcbf8c059190320878117740652f8
SHA512

fec8e567d383e347bce9c79b9e038efa96bf43661a99575836026beed51bb5f930b4535e90dac37848849946b9ecebfeefac771ba2e01cd156e30ad6a0ed337a
SSDEEP

6144:EFR5K14o/r+O7+1RKXrHJk5UXkalaqq8+8gXmgGVyuD1G0IUJmqHafm:qDK/S/2XrHJmR8NgGouRNBsqHem

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a45c1f2f26383f4161842e3c3b0c140c_JaffaCakes118

Files

a45c1f2f26383f4161842e3c3b0c140c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b6aad6345fed6a9c8f63fb84770b910b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindAtomA
CreateHardLinkA
GetProfileStringA
EnterCriticalSection
ReadProcessMemory
GlobalFlags
VirtualAlloc
ExitProcess
GlobalLock
GetProcessHeap
GetCommState
GetModuleHandleA
GlobalFree
GetStdHandle
CloseHandle
GetTapeStatus
GlobalCompact
FormatMessageA
GetUserDefaultLangID
ClearCommBreak
GetOEMCP

user32

GetClassNameA
EndPaint
GetWindowTextA
ReleaseDC
ShowWindow
GetFocus
GetWindow
GetWindowTextLengthA
IsIconic
GetDC
ValidateRect
GetForegroundWindow
BeginPaint
GetClassInfoExA
GetParent
GetActiveWindow
DrawEdge
RegisterClassA
CloseWindow

wsock32

WSAGetLastError
WSAAsyncSelect
WSACleanup
WSAStartup
WSAIsBlocking

dot3api

Dot3SetProfile

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ