de2aaff6570ea025635d564dd05a050c_JaffaCakes118 | Triage

Sharing

General

Target

de2aaff6570ea025635d564dd05a050c_JaffaCakes118
Size

97KB
MD5

de2aaff6570ea025635d564dd05a050c
SHA1

077cb1be20f12f1e324b17e58d1338d0f20591ba
SHA256

5b3879ec0a9df6ad6b74728c395997897420e08bbc85943aa459cadecb4c5193
SHA512

f73e60f93d7a1c1fbb733efd96db532b7304c9b639da342c357eaf2c572a348e4e5d67a260577571b542cdf5cd1594998fc3238786749f59ab9dacea1ee9489f
SSDEEP

1536:h59ZCE71bEEDgxIQYw65n7kv8fI7WPH+XpcqdJmW+F0YQcnZFGQse3Gmebo9FP:h59ZNvD4Yw6New+oH+5dMcUvsMxebSFP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de2aaff6570ea025635d564dd05a050c_JaffaCakes118

Files

de2aaff6570ea025635d564dd05a050c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fda982ad4518090042bc020a8b81bff6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddAtomA
TlsFree
CancelWaitableTimer
GetExitCodeThread
CompareStringA
GetThreadLocale
GetHandleContext
CreateMutexA
CreatePipe
GetOEMCP
SetEvent
GetModuleHandleA
GetConsoleCP
GetLargestConsoleWindowSize
ReleaseMutex
GetUserDefaultLangID
GetThreadTimes
IsDBCSLeadByte
VirtualAlloc
TlsGetValue
GetThreadPriority

user32

GetSystemMetrics
GetClassInfoExA
GetFocus
ValidateRect
GetClassNameA
RegisterClassA
ShowWindow
GetWindowTextLengthA
CloseWindow
ReleaseDC
ReleaseDC
InvalidateRect
GetDC
IsWindowVisible
GetWindow
GetForegroundWindow
IsIconic
GetWindowTextA
GetActiveWindow

tapi32

MMCSetLineInfo
MMCSetPhoneInfo
MMCShutdown
MMCInitialize
MMCSetServerConfig

wldap32

ldap_add

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 876KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ