a14c649776167589f9bd6a73fa2bc1e0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a14c649776167589f9bd6a73fa2bc1e0_JaffaCakes118
Size

159KB
MD5

a14c649776167589f9bd6a73fa2bc1e0
SHA1

5c3c99ba79579377696a0b23fab1c6f69a390390
SHA256

00a03251d95894dedc69e75d421dfe78c070b28a791af696c3845689e9d1177c
SHA512

389cb78ef52ee3206f258da24499d20d37c11b4edcdb056b3b1814993980771d121fc85eecc51f9b3a67c999ede21d8bb10ffd23acb6efcf9832cc177a82d71d
SSDEEP

3072:nDKJ11mxbgMy2RWzi697d82g1vvnCFBH2z1anjCjE5czS/uhvarAdqcg:kMxbB70L6vvnCFBH2QjCo5czIro

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a14c649776167589f9bd6a73fa2bc1e0_JaffaCakes118

Files

a14c649776167589f9bd6a73fa2bc1e0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

743abf18b8826d470a38d120f3e7a65d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
DeleteAtom
GetOEMCP
IsBadCodePtr
HeapCreate
EnterCriticalSection
GlobalUnlock
LocalFree
SetCommBreak
GlobalAddAtomA
lstrcat
GetStdHandle
VirtualAlloc
WriteProfileStringA
LoadLibraryExA
SetConsolePalette
LoadResource
GetLastError
GlobalAddAtomA
GlobalFree
CloseHandle

user32

GetClassInfoExA
GetFocus
ReleaseDC
ShowWindow
CloseWindow
GetWindow
EndPaint
GetWindowTextA
BeginPaint
ValidateRect
GetClassNameA
IsIconic
DrawEdge
AlignRects
GetWindowTextLengthA
GetActiveWindow
GetForegroundWindow
GetDC
GetParent

wsock32

WSAStartup
WSACleanup
WSASetBlockingHook
WSAAsyncGetServByPort
WSAGetLastError

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ