a23c84f54de28ff0f6bc7a6ffc50ecb5_JaffaCakes118 | Triage

Sharing

General

Target

a23c84f54de28ff0f6bc7a6ffc50ecb5_JaffaCakes118
Size

358KB
MD5

a23c84f54de28ff0f6bc7a6ffc50ecb5
SHA1

42b842106200323f00bdaf1077e695c67c0e2a63
SHA256

40c7d46da1768d72bd9fba1ccc5e94abe97ffa6c1f1948d9dba3a1af7d89c727
SHA512

c1b404dab1a7e06803e9093dcbfc6094c6710fbab8103787f296f557c54a2493e8598117b9814abdbae3b63cebe6051770db7d781816433106e5219afcedfb34
SSDEEP

6144:yFribn2ziJonY7JFI1kZuoi7Scuw483B/ZstcBJblY0ro4XrazeRtp/5f3WPxDYH:yFrc26oY7IKZuUw/B/6tsz304b1Hp/ZO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a23c84f54de28ff0f6bc7a6ffc50ecb5_JaffaCakes118

Files

a23c84f54de28ff0f6bc7a6ffc50ecb5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

23c0ba6e980b05d0f1d4edc036aacd82

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
GetUserDefaultLangID
SetLastError
InterlockedExchange
GetAtomNameA
lstrlenA
GetConsoleCP
GlobalUnlock
GetCommandLineA
GlobalSize
LoadLibraryExA
VirtualProtect
GetTickCount
GetModuleHandleA
CompareFileTime
GetVersion
GetConsoleDisplayMode
HeapReAlloc
WaitForMultipleObjects
ResumeThread
WaitForSingleObject

user32

ShowWindow
GetParent
wsprintfA
GetTitleBarInfo
GetFocus
GetCursorPos
GetWindow
GetDC
BeginPaint
FrameRect
DrawTextA
CreateIcon
SetForegroundWindow
FillRect
AnyPopup
EndPaint
GetClassNameA
ReleaseDC
DragDetect

rastapi

AddPorts
DeviceListen
DeviceConnect
DeviceDone
PortClose

quartz

DllGetClassObject

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 556KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ