227567a03d8b02817422035af3b06b29_JaffaCakes118 | Triage

Sharing

General

Target

227567a03d8b02817422035af3b06b29_JaffaCakes118
Size

17KB
MD5

227567a03d8b02817422035af3b06b29
SHA1

33e480133ab765b8743cec7d63d7c2b5023eb1f1
SHA256

2bce26550007c94246b42c401d0e93e11f9bd149ab83b768f2ff20afec6a54f9
SHA512

ce655fed8bc0a98eb3f1d065ca09c65f073bf26b390df619502617020e71892ed870111a5afcf5cf85d288e57a38fd432cb3ab55df4f6f0f73aac60dd721c6bd
SSDEEP

384:SmzWVrbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbD:TwrbbbbbbbbbbbbbbbbbbbbbbbbbbbbW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
227567a03d8b02817422035af3b06b29_JaffaCakes118

Files

227567a03d8b02817422035af3b06b29_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b0e14479d47357b44dc40e1f2c9d1457

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetAtomNameA
lstrlenA
GetModuleHandleA
SuspendThread
GetSystemDefaultLangID
WaitForSingleObject
GlobalUnlock
GetVersion
GetConsoleDisplayMode
CloseHandle
LoadLibraryExA
HeapReAlloc
LocalSize
CompareFileTime
GetCommandLineA
GetConsoleCP
WaitForMultipleObjects
VirtualProtect
GetTickCount
HeapCreate
InterlockedExchange

gdi32

DeleteObject
DeleteDC
GetTextColor
CreateICA
BeginPath
Ellipse
GetRgnBox
AbortPath
GetStringBitmapA
CreateFontA
GetFontData
GetMetaFileA
EndPath
Escape
EngLineTo
GetMetaRgn
FloodFill
CreatePalette
EqualRgn

rastapi

AddPorts
PortClose
DeviceConnect
DeviceDone
DeviceListen

dhcpsapi

DhcpAddServer

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ