b972d8b0715a6580cacec2ae6f5f7dd0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b972d8b0715a6580cacec2ae6f5f7dd0_JaffaCakes118
Size

312KB
MD5

b972d8b0715a6580cacec2ae6f5f7dd0
SHA1

b5cd550c29aa2fa4123f11c7892039841f6f4aa0
SHA256

c004f45606d53780b63b9c75c1cba2a069917757a317d60d0ae2977ab4e7af77
SHA512

3dd4d5a7dac362fccf9e855f512f91ae3754cc0bdaff6b4f327bb770f339c811073e9df47deadfd7e064f230bb1f091e628f9d2ba55d5a74b6f921bae28476f5
SSDEEP

6144:IT0TRLFhpIY/houf4qLAdlwzsT8pdUNhcxckiWZe6YB3W2viZsSQ7:I4lxhikhoS4qL6iwTayNhcwaSBGZmS6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b972d8b0715a6580cacec2ae6f5f7dd0_JaffaCakes118

Files

b972d8b0715a6580cacec2ae6f5f7dd0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aeed6b717ffa53ee59e96700f244fe3d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTapeStatus
GlobalFree
GlobalLock
GetStdHandle
CreateHardLinkA
GlobalFlags
GetProfileStringA
FormatMessageA
ExitProcess
VirtualAlloc
GetUserDefaultLangID
GetProcessHeap
ClearCommBreak
CreateJobSet
GetOEMCP
GetCommState
GetVolumePathNameA
FindAtomA
CloseHandle
GetModuleHandleA
EnterCriticalSection

user32

GetWindowTextA
GetFocus
DrawEdge
GetClassNameA
GetDC
ShowWindow
ValidateRect
CloseWindow
GetForegroundWindow
IsIconic
GetWindow
GetClassInfoExA
EndPaint
ReleaseDC
RegisterClassA
BeginPaint
GetActiveWindow
GetWindowTextLengthA
GetParent

gdi32

GetCharWidthA
GetColorSpace
CreateDCA
CreateDIBitmap
CombineRgn

lpk

LpkInitialize

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ