a2ef1a98026e6026e4dcffa7b73c690e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a2ef1a98026e6026e4dcffa7b73c690e_JaffaCakes118
Size

169KB
MD5

a2ef1a98026e6026e4dcffa7b73c690e
SHA1

1f9dd6d6bf644ddc684ee32c7a788928717ed4b3
SHA256

8ae09840768d9b194a9c84717b164b37d4238fbd2b56b62af9bde78c362a21f8
SHA512

c8d491c39e61a55d5d4b044f7253d6f0c13694ce8e378f885fa97616991bb12de2c4fba7a694a9e80533844b912bdbcf3a8625846afb1094c27ea4153d5d9033
SSDEEP

3072:DQ4fM08iXCBY1OLcx7DrMrJuV3D8/IrLVDdEz3YjabL4acfsF:G08kYMrMrMVT8/IszIkcac0F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2ef1a98026e6026e4dcffa7b73c690e_JaffaCakes118

Files

a2ef1a98026e6026e4dcffa7b73c690e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

20b47949d2b15873ee093f2c853dd063

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
GetProcessHeap
GetLocalTime
ExitThread
SetConsolePalette
SetCommBreak
LocalSize
LoadLibraryExA
RaiseException
GetStdHandle
GlobalFindAtomA
lstrcpyn
GlobalLock
GlobalFree
GlobalAddAtomA
VirtualAlloc
DeleteAtom
GetOEMCP
CloseHandle
LoadResource
GetProfileStringA

user32

ValidateRect
GetActiveWindow
GetWindow
DrawEdge
GetClassNameA
GetFocus
EndPaint
BeginPaint
ReleaseDC
GetWindowTextA
AlignRects
GetClassInfoExA
IsIconic
CloseWindow
ShowWindow
GetWindowTextLengthA
GetParent
GetDC
GetForegroundWindow

wsock32

WSASetBlockingHook
WSAStartup
WSACleanup
WSAGetLastError
WSAAsyncGetServByPort

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ