a758dcd15d0cfe738fcf425bea0e8eb1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a758dcd15d0cfe738fcf425bea0e8eb1_JaffaCakes118
Size

313KB
MD5

a758dcd15d0cfe738fcf425bea0e8eb1
SHA1

5f18c828880275a98e87f593d22704ce53d186a6
SHA256

e5e1015ccec33cb36756590a38d403a1462c1daad70c3563e0c19b7d9ff97391
SHA512

26e32591690a0d16e2ced6993657880650999de10a301d3a576ce3aee185c3e5edfca7eb7dca1f06b378674d56cf33b80a879335d09d9e6fead3779bfc5fd15b
SSDEEP

6144:M5K14o/r+O7+1RKXrHJk5UXkalaqq8+8gXmgGVyuD1G0IUJmqHafm:AK/S/2XrHJmR8NgGouRNBsqHem

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a758dcd15d0cfe738fcf425bea0e8eb1_JaffaCakes118

Files

a758dcd15d0cfe738fcf425bea0e8eb1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ce6a25979ed9bc093a0bf9b96f9e97b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateHardLinkA
GetCommState
GlobalCompact
GetTapeStatus
DeleteAtom
GetProfileStringA
EnterCriticalSection
LoadLibraryExA
GlobalFree
GetProcessHeap
ReadProcessMemory
FindAtomA
GetStdHandle
VirtualAlloc
FormatMessageA
CloseHandle
GlobalLock
ClearCommBreak
GlobalFlags
GetOEMCP
ExitThread

user32

GetParent
CloseWindow
ShowWindow
GetClassInfoExA
GetActiveWindow
GetWindowTextLengthA
DrawEdge
GetWindow
GetWindowTextA
ReleaseDC
GetDC
BeginPaint
RegisterClassA
EndPaint
IsIconic
GetClassNameA
GetFocus
ValidateRect
GetForegroundWindow

wsock32

WSAAsyncSelect
WSAIsBlocking
WSACleanup
WSAGetLastError
WSAStartup

dot3api

Dot3SetProfile

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ