949f62bcad2c0e0eebd0b15f1046ff23_JaffaCakes118 | Triage

Sharing

General

Target

949f62bcad2c0e0eebd0b15f1046ff23_JaffaCakes118
Size

111KB
MD5

949f62bcad2c0e0eebd0b15f1046ff23
SHA1

2949a6f02f32846d9818e2968153dbc0408a5d36
SHA256

bfb3ab4821980df1e1b200cc139d227b9d896a1793d83dcc0bf5db98323f0478
SHA512

47fb1d07cb831fab2e825f8457995de591c727bc8631b3d79f7ef4962e12776477998b914829274480d58be68b2808365b405c15799991544262d7c9ce83a425
SSDEEP

1536:QpfgKsny6L99JeMQI9nJL4cZslxzWH+ibkiSHXH5HLJ5moa6n8vHvrE6Na1AChvr:QpfgFyK5eOFecuqRkiSHXp/YzvINGg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
949f62bcad2c0e0eebd0b15f1046ff23_JaffaCakes118

Files

949f62bcad2c0e0eebd0b15f1046ff23_JaffaCakes118
.exe windows:4 windows x86 arch:x86

572c6cdeddbe39e493b4ab95a24f96ab

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetTickCount
GetCurrentThread
LoadLibraryA
GetVersion
GetModuleHandleA
GetCurrentDirectoryA
CompareStringA
GetVersionExA
LocalAlloc
CloseHandle

user32

BeginPaint
DispatchMessageA
GetMessageA
TranslateMessage

advapi32

RegCloseKey

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ