e1194332230d063b5ff4be1f2964f583_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e1194332230d063b5ff4be1f2964f583_JaffaCakes118
Size

12KB
MD5

e1194332230d063b5ff4be1f2964f583
SHA1

6e32ebfdfe1feb6d4f0db9f6953d3e628cadecbd
SHA256

490d211a435a35aa36c3525b3723e821f744cfc37122827113f5047e93e5841d
SHA512

7a5456ba5a1cba8d2161058b50692385ab33dd521268a3fa05698406a4a9e8481a6ec7ea286e72ee9a1015127b2326bb8ce8771eb84ba386b029e3ea6ac00675
SSDEEP

192:rcCoIUYvAmq/A5AA6OQiGgECH0NLDqrmsD/MusC2Jw:ACzaY5AdOQivHHQvYUushJw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1194332230d063b5ff4be1f2964f583_JaffaCakes118

Files

e1194332230d063b5ff4be1f2964f583_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9dc94b65e0cf015457ea12a394f24089

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
ExitThread
GlobalFree
LocalSize
EnterCriticalSection
GetProcessHeap
GlobalAddAtomA
SetCommBreak
DeleteAtom
CloseHandle
GlobalLock
GlobalCompact
GetProfileStringA
GlobalFindAtomA
GetStdHandle
lstrcpyn
LoadResource
VirtualAlloc
LoadLibraryExA
RaiseException
GetCommState

user32

EndPaint
GetParent
AlignRects
GetClassNameA
ValidateRect
ReleaseDC
ShowWindow
GetWindow
IsIconic
BeginPaint
GetFocus
GetClassInfoExA
GetWindowTextA
GetForegroundWindow
GetActiveWindow
GetWindowTextLengthA
GetDC
CloseWindow
DrawEdge

wsock32

WSASetBlockingHook
WSAStartup
WSAGetLastError
WSAAsyncGetServByPort
WSACleanup

duser

AutoTrace

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ