b8d5f8c52ef5397c194a4ac3f4535ac3_JaffaCakes118 | Triage

Sharing

General

Target

b8d5f8c52ef5397c194a4ac3f4535ac3_JaffaCakes118
Size

43KB
MD5

b8d5f8c52ef5397c194a4ac3f4535ac3
SHA1

32818995ff698343ca46338cf46759a1713e1037
SHA256

f9afe3ac3177eb6268060138cb57477fb1f457a157806ccbae1e414a749ba459
SHA512

e98e67bce9295e5488e5476b075717b42e0bdc8e08bf55f2d83b241a5bebf05e2159c5fd98b1babadb57ae8fb97867aa59efdaa89c62560c112231c42cf9e502
SSDEEP

768:DZPifgcJvOn6Ew6eWrb82PseQfidkIpGB/wN61cG0qVIgI/6N23a8R:DJifBJ7pNodp7NSclqVIxuINR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8d5f8c52ef5397c194a4ac3f4535ac3_JaffaCakes118

Files

b8d5f8c52ef5397c194a4ac3f4535ac3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e7d304684c81576d36cc86e80fe92acd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
CloseHandle
GetStdHandle
GlobalLock
GetProcessHeap
GlobalAddAtomA
lstrcpyn
ClearCommBreak
GetCommState
ExitThread
LoadResource
GetOEMCP
GlobalFindAtomA
LocalSize
GlobalFree
DeleteAtom
GetProfileStringA
RaiseException
GlobalCompact
VirtualAlloc
LoadLibraryExA

user32

GetDC
GetClassNameA
GetWindowTextA
RegisterClassA
GetWindowTextLengthA
ShowWindow
CloseWindow
IsIconic
GetActiveWindow
ValidateRect
DrawEdge
GetParent
GetFocus
GetWindow
GetForegroundWindow
EndPaint
ReleaseDC
BeginPaint
GetClassInfoExA

wsock32

WSAAsyncSelect
WSACleanup
WSAStartup
WSAIsBlocking
WSAGetLastError

duser

GetStdColorF

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ