d3a6f560a04f94fc9a5e6b526848afd6_JaffaCakes118 | Triage

Sharing

General

Target

d3a6f560a04f94fc9a5e6b526848afd6_JaffaCakes118
Size

175KB
MD5

d3a6f560a04f94fc9a5e6b526848afd6
SHA1

3fe0af3e75cc6fc756870498beedc4fc25641adb
SHA256

a4260c786d62c72b3c3b7320c5942cad7bfa3a9e65a5422bab83abe0cede99ca
SHA512

9bbb3c5449fee7c412fd23b73f691fa667cec285fe34a4b7b722594a7ca57da18ee0923ffc531bd686a23e915c4534b1d7697e83c0b866f4d5fc9130be2bd1d8
SSDEEP

3072:SLB+APXr+FHBtB922I+L4ODHx1s+A9e7hmHkowOgr0zbUjPW04mqcp2to:SV1/reHHq+L4YR1i9qhLo6SbU7W0GY2O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3a6f560a04f94fc9a5e6b526848afd6_JaffaCakes118

Files

d3a6f560a04f94fc9a5e6b526848afd6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c6a3dbf6fbfa1079a4214c6e8a4a8cdc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitThread
GlobalLock
GetProfileStringA
LocalSize
GlobalFree
GlobalAddAtomA
GetOEMCP
SetConsolePalette
GetStdHandle
GlobalFindAtomA
GetProcessHeap
LoadLibraryExA
LoadResource
DeleteAtom
SetCommBreak
RaiseException
EnterCriticalSection
VirtualAlloc
CloseHandle
lstrcpyn
GetLocalTime

user32

IsIconic
EndPaint
GetParent
GetActiveWindow
ReleaseDC
GetDC
GetForegroundWindow
GetClassNameA
GetClassInfoExA
ShowWindow
GetFocus
GetWindowTextA
BeginPaint
AlignRects
GetWindow
GetWindowTextLengthA
CloseWindow
DrawEdge
ValidateRect

wsock32

WSAGetLastError
WSACleanup
WSASetBlockingHook
WSAAsyncGetServByPort
WSAStartup

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ