f1333e33b3304fbd79dfa7f0bc2c3e51_JaffaCakes118 | Triage

Sharing

General

Target

f1333e33b3304fbd79dfa7f0bc2c3e51_JaffaCakes118
Size

636KB
MD5

f1333e33b3304fbd79dfa7f0bc2c3e51
SHA1

d065dd32728a83afca4c618a27a3849b59222bb9
SHA256

e79692107334b758dd7d2dd0bace8c6b9b5806efc54843eb4b56c575d85fe8c4
SHA512

51c1df5a9e827b935f2a28edfde548bb612c33049bb821dc22abd148d1f071597d0f4f78395d53997a2976ebf9a2c22fccb8a108899f1331eed81386dc5b263d
SSDEEP

12288:BvXsETlBnPVibcHXn+XrKiE9DamsHaEcdrVQilrJQwhe9aEAyvU:BvsEJR8bwfUH8rVQilrmwA9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f1333e33b3304fbd79dfa7f0bc2c3e51_JaffaCakes118

Files

f1333e33b3304fbd79dfa7f0bc2c3e51_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7c4356fbb8d74df30c62f5440802a777

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
LocalSize
CloseHandle
GetCommandLineA
GetTickCount
WaitForSingleObject
CompareFileTime
GetConsoleDisplayMode
GetVersion
lstrlenA
GetModuleHandleA
GetSystemDefaultLangID
WaitForMultipleObjects
HeapReAlloc
GlobalUnlock
GetAtomNameA
LoadLibraryExA
GetConsoleCP
SuspendThread
VirtualProtect
InterlockedExchange

gdi32

EngLineTo
GetFontData
GetStringBitmapA
Escape
GetTextColor
EndPath
BeginPath
CreateICA
GetRgnBox
GetMetaFileA
EqualRgn
GetMetaRgn
Ellipse
CreateFontA
CreatePalette
AbortPath
FloodFill
DeleteDC
DeleteObject

rastapi

DeviceDone
AddPorts
PortClose
DeviceListen
DeviceConnect

dhcpsapi

DhcpAddServer

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ