a448d848a177f4482c1f6b64c1274c70_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a448d848a177f4482c1f6b64c1274c70_JaffaCakes118
Size

417KB
MD5

a448d848a177f4482c1f6b64c1274c70
SHA1

379212f14d8c73d7a97ee5e4ecf75e3595c8f2cc
SHA256

f70d19f75fd683e63e3e6de972c4b7702fb83cc73666992107df51d6abe7b00c
SHA512

a9bf2de3319662f1557e654236e3fd478026faa347c271f95e3bb37e3a173e5a589d4fde056377ae97299c94e7315646681a657d8ff3384f7921d8056d8c4489
SSDEEP

12288:fP/wP44KyxQbaUzUuXUfgrpciNoixv4U3:A4uLUzU8egtd/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a448d848a177f4482c1f6b64c1274c70_JaffaCakes118

Files

a448d848a177f4482c1f6b64c1274c70_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0fade3465d20c36abb49bd1f193b6c62

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ClearCommBreak
RaiseException
GetProfileStringA
GetCommState
GlobalFlags
GlobalCompact
GetOEMCP
GetStdHandle
GlobalFree
GlobalAddAtomA
GetProcessHeap
ExitThread
CloseHandle
DeleteAtom
LoadLibraryExA
GlobalLock
WriteProcessMemory
LoadResource
VirtualAlloc
FindAtomA
EnterCriticalSection

user32

BeginPaint
GetWindow
GetClassInfoExA
GetParent
ValidateRect
GetActiveWindow
ReleaseDC
IsIconic
GetClassNameA
ShowWindow
GetDC
GetWindowTextLengthA
GetFocus
DrawEdge
GetForegroundWindow
RegisterClassA
EndPaint
CloseWindow
GetWindowTextA

wsock32

WSAIsBlocking
WSAStartup
WSAAsyncSelect
WSACleanup
WSAGetLastError

dot3api

Dot3SetProfile

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ