db0674150af2f11c83ad23f3fd48ac7a_JaffaCakes118 | Triage

Sharing

General

Target

db0674150af2f11c83ad23f3fd48ac7a_JaffaCakes118
Size

24KB
MD5

db0674150af2f11c83ad23f3fd48ac7a
SHA1

521c70a1c1ba223097566fd6108e472398778fe0
SHA256

fa56cca2845ca8bb69cfd2e99b20b43698539dc4a4678bebde633227ea95f555
SHA512

d6c2003879ba37632159767d4330d8c7a699504f86bfc056fbe3b169097f572ed90909e034b65fc75fc347fcc9374bfd52474ffe1e9c1c5ce37cec8958eee53f
SSDEEP

384:gCU+5Vf6CbKRD+JFEMRq56TcHBN4jV4tfcw0JvPfVspMUvCy9B3t:1N6vDGe56Yz4etfcwif7UvJ3t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db0674150af2f11c83ad23f3fd48ac7a_JaffaCakes118

Files

db0674150af2f11c83ad23f3fd48ac7a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9641a302c4d5e0e123e07d3be3345cd1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
LocalSize
VirtualAlloc
LoadLibraryExA
GetCommState
GlobalLock
GlobalAddAtomA
GetProcessHeap
GetProfileStringA
SetCommBreak
GlobalCompact
ExitThread
RaiseException
GetStdHandle
GlobalFindAtomA
CloseHandle
DeleteAtom
lstrcpyn
GetOEMCP
GlobalFree
EnterCriticalSection

user32

GetWindow
EndPaint
GetClassNameA
AlignRects
BeginPaint
GetForegroundWindow
GetWindowTextLengthA
CloseWindow
ValidateRect
GetActiveWindow
DrawEdge
ReleaseDC
GetWindowTextA
GetParent
GetFocus
GetDC
ShowWindow
GetClassInfoExA
IsIconic

wsock32

WSACleanup
WSAStartup
WSASetBlockingHook
WSAAsyncGetServByPort
WSAGetLastError

duser

AutoTrace

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ