ac8ec672f091a798619a730ddb0ee5b2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac8ec672f091a798619a730ddb0ee5b2_JaffaCakes118
Size

198KB
MD5

ac8ec672f091a798619a730ddb0ee5b2
SHA1

fc7094137113e4bc544c45bbd5fe86c40720ef11
SHA256

adaaff05a647115ef3c5c0a5a23607b892c27ae829cb9cd959d4b0d1c3e0dd36
SHA512

1a717a5f92ffdaab5c50035f8f6e62453cb203e663e9a2b662a5133ec2eebc0cbc8a5442f59691a781ed912cde5798f5c5416391a12c5f0cdc998242e5a6cd3d
SSDEEP

3072:4hKew1hXNdnky7KCQmgE6o7CzNIkA9kU03EPiRNaOMbRuAOa:JzXd7qVo7ENIkA9J03dgVRuA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac8ec672f091a798619a730ddb0ee5b2_JaffaCakes118

Files

ac8ec672f091a798619a730ddb0ee5b2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

40a543f4865bef92a16e899e1e04db77

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
GetStdHandle
GlobalLock
LoadLibraryExA
GetOEMCP
CreateHardLinkA
GetProfileStringA
ClearCommBreak
CloseHandle
FindAtomA
DeleteAtom
WriteProcessMemory
GetTapeStatus
GlobalFree
GetProcessHeap
GlobalFlags
VirtualAlloc
ExitThread
GlobalCompact
GetCommState
EnterCriticalSection

user32

EndPaint
ValidateRect
GetWindow
GetParent
GetWindowTextA
ShowWindow
GetClassNameA
DrawEdge
IsIconic
ReleaseDC
GetDC
GetActiveWindow
GetClassInfoExA
BeginPaint
GetForegroundWindow
GetFocus
CloseWindow
GetWindowTextLengthA
RegisterClassA

wsock32

WSAIsBlocking
WSAGetLastError
WSACleanup
WSAStartup
WSAAsyncSelect

dot3api

Dot3SetProfile

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ