3c552042cc34ebb28ff25422b3499981_JaffaCakes118 | Triage

Sharing

General

Target

3c552042cc34ebb28ff25422b3499981_JaffaCakes118
Size

17KB
MD5

3c552042cc34ebb28ff25422b3499981
SHA1

7f98d1d60a7912ce32efc7783e66abcc9fba95fa
SHA256

9a06d23bc9565195ff327d5ae2aa61d866ed0071206586b451fc4c61681fc800
SHA512

6bf7150d0ed4a55c315332673c106b4b5a1b0322c0afa9d017b66dfc06430fab62d37a99242954b36bf36116ca6f05ba94d7964a1416116a2ccf8abdea5e161b
SSDEEP

192:6aS8CkRGOQ2I9MLDDG/mDMHIP8DXAxEyZvJk/bU2y:W3kjyqDDImQlkZvaTp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c552042cc34ebb28ff25422b3499981_JaffaCakes118

Files

3c552042cc34ebb28ff25422b3499981_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7aae8a2cfaa246e6429ae224c78572b7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
SuspendThread
WaitForMultipleObjects
GetVersion
GetConsoleCP
GetCommandLineA
InterlockedExchange
GetModuleHandleA
HeapCreate
WaitForSingleObject
HeapReAlloc
GlobalUnlock
LocalSize
lstrlenA
GetSystemDefaultLangID
GetAtomNameA
LoadLibraryExA
CompareFileTime
VirtualProtect
GetTickCount
GetConsoleDisplayMode

gdi32

GetFontData
EndPath
DeleteObject
EngLineTo
GetTextColor
FloodFill
GetStringBitmapA
CreateFontA
DeleteDC
GetMetaRgn
Escape
EqualRgn
CreateICA
GetRgnBox
CreatePalette
BeginPath
AbortPath
Ellipse
GetMetaFileA

rastapi

DeviceListen
PortClose
AddPorts
DeviceConnect
DeviceDone

dhcpsapi

DhcpAddServer

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ