2a709c07e8d687dd022b19518be7d09f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a709c07e8d687dd022b19518be7d09f_JaffaCakes118
Size

15KB
MD5

2a709c07e8d687dd022b19518be7d09f
SHA1

f27d0f04b28b6b17946674ea65f4da2bf6ad35ca
SHA256

7140ec1c3a78d3a0f18e73a6667f33f870eb42c25132353f2dbf7d7136469f07
SHA512

f9bedf8307dce5934738ff793acecf6f9f908b4a93ba6c3f92c153fe839892f4b62b20a928eacdfe5de250c8e26fc4bc03104304c0704ea8ad70d2c3aef5399e
SSDEEP

384:SeaqyIGTH5tNuhskdK0a+S1Vbpr9Rtcm5:5IIGTNuekdK0a+aHZRtce

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a709c07e8d687dd022b19518be7d09f_JaffaCakes118

Files

2a709c07e8d687dd022b19518be7d09f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

42a76078c052e35776041eac4e5b909c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FormatMessageA
GetProfileStringA
ExitThread
DeleteAtom
CreateHardLinkA
CloseHandle
FindAtomA
LoadLibraryExA
GetOEMCP
GlobalFree
ReadProcessMemory
GlobalLock
EnterCriticalSection
VirtualAlloc
GetProcessHeap
GlobalCompact
GetTapeStatus
GetStdHandle
GlobalFlags
GetCommState
ClearCommBreak

user32

GetFocus
GetWindow
IsIconic
ReleaseDC
ValidateRect
GetParent
EndPaint
CloseWindow
ShowWindow
BeginPaint
GetActiveWindow
GetClassInfoExA
GetWindowTextA
GetDC
GetClassNameA
DrawEdge
GetForegroundWindow
RegisterClassA
GetWindowTextLengthA

wsock32

WSACleanup
WSAIsBlocking
WSAAsyncSelect
WSAStartup
WSAGetLastError

dot3api

Dot3SetProfile

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ