c950e4498658b41f5e088a0582db4321_JaffaCakes118 | Triage

Sharing

General

Target

c950e4498658b41f5e088a0582db4321_JaffaCakes118
Size

271KB
MD5

c950e4498658b41f5e088a0582db4321
SHA1

80ea27e15890c9302bbf3801f94f8c3bae1bb41b
SHA256

7bc991ce5abeda27d0df915e0edbb999ca2790f56c81769baf10920f60081e07
SHA512

f719c8132940ae3597d2160d315eb601f6028eff197dabe541820d7c52ab8287d98aa0176e43c694a1c199d0966eb1d0ffd3e6bbeae7d9e78d6d1d3ba61c9ef4
SSDEEP

3072:+nNUc1X0yfAsZqOBgtjol6W32ntJ5sdXw6H:Ukm1Zq8gnnPGX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c950e4498658b41f5e088a0582db4321_JaffaCakes118

Files

c950e4498658b41f5e088a0582db4321_JaffaCakes118
.exe windows:4 windows x86 arch:x86

57a1ab3fdee677ddfae5f83142aca969

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
GetCurrentProcess
DeleteFileA
MulDiv
GetOEMCP
GetVersion
GlobalFindAtomA
GetWindowsDirectoryA
RemoveDirectoryA
SetLastError
VirtualAlloc
GetCommandLineA
GetConsoleOutputCP
GetUserDefaultLangID
lstrlenA
lstrlenW
SetCurrentDirectoryA
GetLastError
VirtualFree

user32

DispatchMessageA
GetSystemMetrics
GetParent
GetDC
ShowWindow

gdi32

SelectObject
Rectangle
CreatePen
SetStretchBltMode
RestoreDC
PatBlt
CreateCompatibleDC
CreateSolidBrush
SelectPalette
GetTextMetricsA

glu32

gluTessCallback

comctl32

InitCommonControls

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Kkcp, Wi
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE