b2b0533ad9ab0649895a4c2dcec84e68_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b2b0533ad9ab0649895a4c2dcec84e68_JaffaCakes118
Size

313KB
MD5

b2b0533ad9ab0649895a4c2dcec84e68
SHA1

037d5cc1fa5cf38d575dab3a5a50e60f198d6be2
SHA256

a75d408e7a86d05c9ffd34f04f17454658c11f3f5dad7271993095ff336906aa
SHA512

378766da8f333e5c668e9a133f1fd0ef96c95197c0a056f718d48bc8a80c028c23c9546dd2fb0711bbafdcbda2b095236c1d75f9954dc2e040f591580181ec4a
SSDEEP

6144:a2odMjmSyNTGUap5sYhRwiUXlJidFJVR0P8zP8qWFATBgmySvH1:AdM61PaDsePUPGvn8FUgr+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b2b0533ad9ab0649895a4c2dcec84e68_JaffaCakes118

Files

b2b0533ad9ab0649895a4c2dcec84e68_JaffaCakes118
.exe windows:4 windows x86 arch:x86

afcaea058ac5ee7a75157fa2b34f1bfb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
LocalSize
GlobalLock
CloseHandle
GlobalCompact
GlobalFree
LoadLibraryExA
ExitThread
GetCommState
GetOEMCP
EnterCriticalSection
GetProfileStringA
DeleteAtom
RaiseException
lstrcpyn
LoadResource
GlobalAddAtomA
GlobalFindAtomA
VirtualAlloc
SetCommBreak
GetStdHandle

user32

IsIconic
DrawEdge
CloseWindow
GetWindowTextLengthA
GetWindowTextA
AlignRects
GetParent
ReleaseDC
BeginPaint
GetClassNameA
GetClassInfoExA
GetForegroundWindow
GetDC
GetActiveWindow
ShowWindow
GetWindow
ValidateRect
EndPaint
GetFocus

wsock32

WSAGetLastError
WSASetBlockingHook
WSACleanup
WSAStartup
WSAAsyncGetServByPort

duser

AutoTrace

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ