e1de256cd0cc08fde039b6ff1c7195ec_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e1de256cd0cc08fde039b6ff1c7195ec_JaffaCakes118
Size

241KB
MD5

e1de256cd0cc08fde039b6ff1c7195ec
SHA1

406a9214b00bc50219a995e8d34443fa85b8cced
SHA256

2f833872e84bf613cb6e03efa1dd836580b15d18d3d936110c8379438b724c1f
SHA512

d3df1d61e5a3955dc8f1e682a020b48f6f54ee209bd17b193800e57a78486375ef2b28bbb1ba974b008837ab8b706bde6de4b047531b3d87bc58c295efbc7478
SSDEEP

6144:OXcwWFhukYE/0QZv0m9O4b1I26+BQBoY6:OXRWFHn/0UZOw1MFBoY6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1de256cd0cc08fde039b6ff1c7195ec_JaffaCakes118

Files

e1de256cd0cc08fde039b6ff1c7195ec_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a232356f89e1f0889cd04a1d7974b433

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteProcessMemory
GetProcessHeap
GetTapeStatus
GlobalCompact
GetStdHandle
VirtualAlloc
GlobalLock
CreateHardLinkA
CloseHandle
ExitThread
GlobalFlags
LoadLibraryExA
RaiseException
GetOEMCP
GetProfileStringA
ClearCommBreak
GlobalFree
GetCommState
FindAtomA
DeleteAtom
EnterCriticalSection

user32

GetClassInfoExA
IsIconic
GetWindowTextLengthA
GetWindow
GetActiveWindow
BeginPaint
GetWindowTextA
EndPaint
GetClassNameA
RegisterClassA
CloseWindow
GetForegroundWindow
ReleaseDC
ShowWindow
GetFocus
GetParent
GetDC
DrawEdge
ValidateRect

wsock32

WSAStartup
WSACleanup
WSAIsBlocking
WSAGetLastError
WSAAsyncSelect

dot3api

Dot3SetProfile

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ