Static task: static1
Behavioral task: behavioral1
Sample: c837891367491b55d58afb7942cbb9a2_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: c837891367491b55d58afb7942cbb9a2_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: c837891367491b55d58afb7942cbb9a2_JaffaCakes118
Size: 261KB
MD5: c837891367491b55d58afb7942cbb9a2
SHA1: daae14e923b2df0f761315c15d8b3fbf63abef41
SHA256: 79471dc277513c448395884471ef81d3af8007150fab6aa90416824262221e55
SHA512: 36293c8038016558792ebef24eaae0e4c2fce026c8872432eeaf1771a6fa66f4b3a013061899b8df56fd2c7ca18077f1ca0ed3160c142c940f9de7a61f59c8b5
SSDEEP: 6144:vred7pR2jFn31WzwbSk6YSD9QhzOwJx+db:Kd8nFWGiAOw7W
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c837891367491b55d58afb7942cbb9a2_JaffaCakes118
Files
c837891367491b55d58afb7942cbb9a2_JaffaCakes118.exe windows:4 windows x86 arch:x86
5993ef2e636ff559b004b9fb45523b9f
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
InitCommonControls
gdi32
GetPaletteEntries
UnrealizeObject
GetStockObject
EndPath
BeginPath
SetTextColor
SetViewportOrgEx
LineTo
GetDCOrgEx
SetBrushOrgEx
SetBkColor
GetPixel
MoveToEx
kernel32
GetCommandLineA
SetLastError
GetVersion
VirtualAlloc
GetCurrentProcess
GetModuleHandleA
lstrcmpA
lstrcmpiA
RemoveDirectoryA
GetTickCount
GetCommandLineW
MulDiv
GetUserDefaultLangID
GetCurrentThreadId
GetConsoleOutputCP
GlobalFindAtomW
IsDebuggerPresent
DeleteFileW
GetDriveTypeA
user32
CharNextA
GetInputState
GetMessagePos
GetDesktopWindow
Sections
.text Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 176KB - Virtual size: 175KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 79KB - Virtual size: 79KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ