eae8dcf59e554a761edf58d665b7bd62_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eae8dcf59e554a761edf58d665b7bd62_JaffaCakes118
Size

313KB
MD5

eae8dcf59e554a761edf58d665b7bd62
SHA1

c780094b860fcc90b4975cac3a75359d8a03d13f
SHA256

2c8a9db2c37eeafa12884e04d77ac456ed60bf2f2a5bde8921443a0b22f25166
SHA512

67b6793814dcbdf0aef67a8de6eb18a8a02cb2132476180fb5866b6c736d0a06a93509ce9a7d84331c568e3fdf8256803619adb004e4bc4dd1fbfaa9254ec330
SSDEEP

6144:95K14o/r+O7+1RKXrHJk5UXkalaqq8+8gXmgGVyuD1G0IUJmqHafm:3K/S/2XrHJmR8NgGouRNBsqHem

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eae8dcf59e554a761edf58d665b7bd62_JaffaCakes118

Files

eae8dcf59e554a761edf58d665b7bd62_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8a548ade9aa907528676aca81e09a4fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitThread
CreateHardLinkA
FormatMessageA
ClearCommBreak
GlobalFree
GetOEMCP
EnterCriticalSection
CloseHandle
GlobalCompact
GetProfileStringA
GlobalLock
GetCommState
DeleteAtom
GetProcessHeap
FindAtomA
GetTapeStatus
VirtualAlloc
GetStdHandle
LoadLibraryExA
ReadProcessMemory
GlobalFlags

user32

ReleaseDC
GetDC
GetWindowTextA
BeginPaint
IsIconic
GetClassNameA
GetWindowTextLengthA
ValidateRect
CloseWindow
GetParent
RegisterClassA
EndPaint
GetFocus
GetWindow
DrawEdge
GetClassInfoExA
GetActiveWindow
ShowWindow
GetForegroundWindow

wsock32

WSACleanup
WSAGetLastError
WSAStartup
WSAIsBlocking
WSAAsyncSelect

dot3api

Dot3SetProfile

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ