71c603f8a56934d30a7282ac9e665ddf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

71c603f8a56934d30a7282ac9e665ddf_JaffaCakes118
Size

208KB
MD5

71c603f8a56934d30a7282ac9e665ddf
SHA1

85865d2b31aea0768ca582d477c3c04cb7977157
SHA256

53cfc32ab06d9c1c91898f8ff524e0e1f4c94383e0d5cc33ef647c1c5ed23f6c
SHA512

cfc2ae2d0b27cd7774febde9ab6885933722b20dfa93345d0588f197700f2f725e7e59cafce3917a569ef191cef34d54eed0c51d8b41d31b9f6ee19e32b84186
SSDEEP

3072:60JovVvVxBlqtVkunzWXmky6zpYFUCffEiTnYR5SbFMMl5AolN3EjjV5:60S9xB0tVyBy6z6ffnY5SbKqijV5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71c603f8a56934d30a7282ac9e665ddf_JaffaCakes118

Files

71c603f8a56934d30a7282ac9e665ddf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

319e9041d86573fc60291ff6d5eb39a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
GetVersion
WaitForSingleObject
GetAtomNameA
GetConsoleCP
LoadLibraryExA
SuspendThread
GlobalUnlock
InterlockedExchange
WaitForMultipleObjects
HeapCreate
GetTickCount
GetSystemDefaultLangID
GetCommandLineA
HeapReAlloc
CloseHandle
LocalSize
VirtualProtect
GetModuleHandleA
GetConsoleDisplayMode
lstrlenA

gdi32

EqualRgn
CreateICA
EngLineTo
Ellipse
CreatePalette
DeleteDC
DeleteObject
Escape
GetStringBitmapA
GetMetaFileA
EndPath
AbortPath
GetRgnBox
CreateFontA
GetFontData
GetMetaRgn
FloodFill
BeginPath
GetTextColor

rastapi

PortClose
AddPorts
DeviceListen
DeviceConnect
DeviceDone

dhcpsapi

DhcpAddServer

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 800KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ