JaffaCakes118_98e18c2c4608e92b21161c5813db667f | Triage

Sharing

General

Target

JaffaCakes118_98e18c2c4608e92b21161c5813db667f
Size

417KB
MD5

98e18c2c4608e92b21161c5813db667f
SHA1

b05b7a1e19120f0f3b33de123cc85dec298891ea
SHA256

4413a3f5892f609a137401da1fedf336ccd4a105b2eae44c091f73a535951209
SHA512

adbacccb1677d2a6b4d9dcc1ef87b89c16e54539fdc76624b628efe0d50183d57577f12a614ca2c48cb0db1e0ea31b2bdb50f471197c38ba9a5fdd098b667288
SSDEEP

6144:Dro4YCqLZh14jvgvqh9Q0CUSGTEkARBNDgbq8M9Mxdb9feBc1e:Gh1vqhi0Cy4kARLBak

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_98e18c2c4608e92b21161c5813db667f

Files

JaffaCakes118_98e18c2c4608e92b21161c5813db667f
.exe windows:4 windows x86 arch:x86

0609eaf330b0b0f5ac7f428e2f6e4711

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
lstrcpyn
LoadLibraryExA
VirtualAlloc
RaiseException
ExitThread
GlobalLock
LoadResource
ClearCommBreak
GetProfileStringA
GlobalAddAtomA
DeleteAtom
GlobalFindAtomA
GlobalCompact
CloseHandle
GetProcessHeap
LocalSize
GlobalFree
EnterCriticalSection
GetStdHandle
GetCommState

user32

GetWindowTextLengthA
IsIconic
GetActiveWindow
GetFocus
ShowWindow
ReleaseDC
GetClassInfoExA
BeginPaint
GetWindow
GetParent
DrawEdge
GetForegroundWindow
EndPaint
GetWindowTextA
CloseWindow
ValidateRect
GetClassNameA
RegisterClassA
GetDC

wsock32

WSAGetLastError
WSAStartup
WSAIsBlocking
WSACleanup
WSAAsyncSelect

duser

GetStdColorF

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ