b93bfeaf84318563dd1dbc51fb6aa44e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b93bfeaf84318563dd1dbc51fb6aa44e_JaffaCakes118
Size

92KB
MD5

b93bfeaf84318563dd1dbc51fb6aa44e
SHA1

356a48e3fdba939e7eed0841f58e166d42eb7bb3
SHA256

18c9256b7f461dbd649ee3aef1608ce6d506b432e6a8a824fa6fb199a7bb2d27
SHA512

f75ec2427ce76b242bc44804803c5e56d548f224df772e7ca29e41fb853d57dd1149587a3751ee7b09b4fea6fddbb0100384e8b39f3753ce66e8be03c252d1ba
SSDEEP

1536:em4olLCVNlM/19xU3WN9MFyiLfRPabKJMLyRQd8g0oNlqdzOZpehSi6z8p8jthi:eFolL8XM/1nUHRyqML59tlea6b6z8mtg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b93bfeaf84318563dd1dbc51fb6aa44e_JaffaCakes118

Files

b93bfeaf84318563dd1dbc51fb6aa44e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ab8f5f8da2af8303ccbf3afc646cdf6a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
GetOEMCP
GetStdHandle
FindAtomA
FormatMessageA
CreateHardLinkA
VirtualAlloc
GetProcessHeap
ClearCommBreak
GetUserDefaultLangID
GlobalFlags
CloseHandle
GetProfileStringA
GlobalCompact
EnterCriticalSection
ExitProcess
GetCommState
ReadProcessMemory
GetModuleHandleA
GetTapeStatus
GlobalLock

user32

ShowWindow
BeginPaint
ValidateRect
IsIconic
GetWindowTextA
DrawEdge
RegisterClassA
GetDC
GetWindowTextLengthA
EndPaint
GetActiveWindow
GetParent
GetClassInfoExA
GetForegroundWindow
GetClassNameA
GetWindow
CloseWindow
GetFocus
ReleaseDC

wsock32

WSAAsyncSelect
WSACleanup
WSAIsBlocking
WSAStartup
WSAGetLastError

dot3api

Dot3SetProfile

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ