a70a1875022f80b35976b3bcc1f9fd4f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a70a1875022f80b35976b3bcc1f9fd4f_JaffaCakes118
Size

153KB
MD5

a70a1875022f80b35976b3bcc1f9fd4f
SHA1

01445db244d83bfbc736882ad4b8bee46d2c56e4
SHA256

32b91f6ad490a18cfea87fbaef1c97c3340b5be31609a122f38b0e1bac90e9f1
SHA512

c76fcbe3d55d91b71ff157b1af23d27307df3951ae9529c96493d3270bb9c25c2e97827938f363e37bddb8e0e4454df5a0e65692e4342ebdcdc38884d5d07052
SSDEEP

3072:xjSabKs09AhopHoWzmFXcdBNSNUggDshtqMfFWFq0e8WrvAijEVcfYV3J3o:xGppChopHJz8XcgeE2UTr8spAV5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a70a1875022f80b35976b3bcc1f9fd4f_JaffaCakes118

Files

a70a1875022f80b35976b3bcc1f9fd4f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3441a49c97b0eadb1035a4d33dcb4f0e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFindAtomA
SetCommBreak
LocalSize
CloseHandle
GlobalLock
GetStdHandle
DeleteAtom
GetOEMCP
GetCommState
VirtualAlloc
GlobalAddAtomA
GlobalFree
LoadLibraryExA
EnterCriticalSection
GetProfileStringA
GlobalCompact
RaiseException
lstrcpyn
LoadResource
ExitThread
GetProcessHeap

user32

GetDC
ValidateRect
EndPaint
GetClassInfoExA
GetActiveWindow
ReleaseDC
GetWindowTextA
ShowWindow
GetFocus
CloseWindow
GetForegroundWindow
GetClassNameA
GetWindow
AlignRects
DrawEdge
GetParent
BeginPaint
IsIconic
GetWindowTextLengthA

wsock32

WSAStartup
WSAAsyncGetServByPort
WSASetBlockingHook
WSACleanup
WSAGetLastError

duser

AutoTrace

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ