bca10ade665eda154401c8cd36158aab_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bca10ade665eda154401c8cd36158aab_JaffaCakes118
Size

317KB
MD5

bca10ade665eda154401c8cd36158aab
SHA1

c46489b8ee52af7f07be6482148d02d763904213
SHA256

35ddf46f0689303bc94d05a61beea2c7c81bdb522419897dbbd3925e6f130226
SHA512

26c4bc8ecdf3d1475c4db9fbc0971c0ca47dce1c1a53efc067fd0d297e8ea88e775c81147fb706d03da0bc6b1f832a45eb47ebf0e4cfb1dbb4a4a5b0a34becc5
SSDEEP

6144:ZZvERPh5qe7/JFB7XYdjSYGioU8DmiUtH:ZaRP2e7/JFTD1UtH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bca10ade665eda154401c8cd36158aab_JaffaCakes118

Files

bca10ade665eda154401c8cd36158aab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6aec7bb6203792df8b8a923a8d042495

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
DeleteAtom
GlobalUnlock
GetProcessHeap
CloseHandle
GlobalAddAtomA
GetProfileStringA
EnterCriticalSection
GetStdHandle
HeapCreate
GlobalFindAtomA
SetCommBreak
GetOEMCP
VirtualAlloc
LocalFree
GlobalLock
SetConsolePalette
lstrcat
LoadResource
RaiseException
GlobalFree

user32

BeginPaint
DrawEdge
GetClassInfoExA
GetForegroundWindow
GetActiveWindow
GetDC
GetWindow
GetFocus
GetWindowTextA
IsIconic
CloseWindow
ReleaseDC
ShowWindow
GetClassNameA
EndPaint
GetParent
AlignRects
ValidateRect
GetWindowTextLengthA

wsock32

WSAAsyncGetServByPort
WSACleanup
WSASetBlockingHook
WSAStartup
WSAGetLastError

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ