dcca6761b6732a48adb70ad0c00722e3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dcca6761b6732a48adb70ad0c00722e3_JaffaCakes118
Size

313KB
MD5

dcca6761b6732a48adb70ad0c00722e3
SHA1

c532f99c61df0c30b7636c88cfd98bf9bd648ca1
SHA256

ecbbbde592fb6828a7a966d6e1dfd3e3362d7455e253c7ad0044557e55de9f20
SHA512

80f2eac6651eed300a8662fbc66827a87eb4b3a5480b4bf8c8fc136316842a052f869e996089d371c3470390585a543ff1b764fac52aafeb560e6215c08de350
SSDEEP

6144:hh5K14o/r+O7+1RKXrHJk5UXkalaqq8+8gXmgGVyuD1G0IUJmqHafm:hzK/S/2XrHJmR8NgGouRNBsqHem

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dcca6761b6732a48adb70ad0c00722e3_JaffaCakes118

Files

dcca6761b6732a48adb70ad0c00722e3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ec550e31288839529bfe13634700041a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetOEMCP
FormatMessageA
ReadProcessMemory
CreateHardLinkA
ExitProcess
GetModuleHandleA
GetProcessHeap
GlobalFlags
GetStdHandle
GlobalLock
FindAtomA
GetCommState
GlobalCompact
GetUserDefaultLangID
ClearCommBreak
GetProfileStringA
EnterCriticalSection
GlobalFree
CloseHandle
GetTapeStatus

user32

IsIconic
GetFocus
GetParent
ShowWindow
GetClassNameA
GetWindowTextA
CloseWindow
GetClassInfoExA
DrawEdge
GetWindowTextLengthA
ValidateRect
GetDC
EndPaint
BeginPaint
GetWindow
RegisterClassA
GetActiveWindow
GetForegroundWindow
ReleaseDC

wsock32

WSAIsBlocking
WSAAsyncSelect
WSAStartup
WSACleanup
WSAGetLastError

dot3api

Dot3SetProfile

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ