dc922a87a3ad675e8b471b3e964ca6da_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dc922a87a3ad675e8b471b3e964ca6da_JaffaCakes118
Size

150KB
MD5

dc922a87a3ad675e8b471b3e964ca6da
SHA1

cfc7ac426aa757af81101727dece39449c6bf561
SHA256

49708433c90295ea90e68793e9a54f51e73618e1d01ac8f1046411130411600d
SHA512

86aad4b1bd719545e63c1d4ea74ee7b44b79d1717e453cfa3922d29744a56cf234c418c4ead590c336593797451f0ef0de8f4f803846e403df6b0cb8d62793b4
SSDEEP

3072:hDEqMTZv8yMQic3btpbF4HmXsP/8/vOwYluDXgLaR7:Uv5Gc3btdvw/22w6QgLal

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc922a87a3ad675e8b471b3e964ca6da_JaffaCakes118

Files

dc922a87a3ad675e8b471b3e964ca6da_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ee8bbcf7a9715c469de570a76731ac31

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
GetOEMCP
SetConsolePalette
GetStdHandle
VirtualAlloc
WriteProfileStringA
CloseHandle
RaiseException
GlobalAddAtomA
HeapCreate
LoadLibraryExA
LocalFree
DeleteAtom
GetLastError
lstrcat
EnterCriticalSection
GlobalFree
GlobalUnlock
SetCommBreak
GlobalAddAtomA
IsBadCodePtr

user32

BeginPaint
GetWindowTextLengthA
CloseWindow
EndPaint
GetFocus
GetForegroundWindow
GetWindow
DrawEdge
ShowWindow
GetDC
ReleaseDC
GetWindowTextA
ValidateRect
IsIconic
GetActiveWindow
GetClassInfoExA
AlignRects
GetParent
GetClassNameA

wsock32

WSAAsyncGetServByPort
WSACleanup
WSAStartup
WSASetBlockingHook
WSAGetLastError

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ