c95c9704a350104dac1cad8ab0e68993_JaffaCakes118 | Triage

Sharing

General

Target

c95c9704a350104dac1cad8ab0e68993_JaffaCakes118
Size

321KB
MD5

c95c9704a350104dac1cad8ab0e68993
SHA1

e4232a8b7c326fd3972404e3273e333df0d2cb37
SHA256

0bdadd0c11fe0ab56cdd0495e4fd7af3f0251ebc10981f599344009356408357
SHA512

1baba2ab091d92c5fcf8811a4a57cbb334970251c10cc427d765330c563ecbeb1bb61318d47c69fe7c18027db0f1d3ccaff32cdfc0e190e1760f8116ade54ba9
SSDEEP

6144:YdVhzctJoYKS6/TJ80uIe1NF/5dVI4vYXbuleeehcJY1CZ/Hko8ZjJjsXPpPkYfE:YdctJM/TJXe1RLYrutehGZ/v6JAXhMYs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c95c9704a350104dac1cad8ab0e68993_JaffaCakes118

Files

c95c9704a350104dac1cad8ab0e68993_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e0c30199bfc5e13f64569d62d7b5fcce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
HeapCreate
GetLocaleInfoA
SetConsoleOutputCP
GetACP
LockResource
GlobalDeleteAtom
EnterCriticalSection
LoadLibraryExA
GlobalFree
GlobalUnlock
GetDriveTypeA
GetStdHandle
RaiseException
GlobalAddAtomA
FoldStringA
VirtualProtect
SetErrorMode
Sleep
CloseHandle
GetLastError

user32

ClipCursor
ShowWindow
GetWindow
ReleaseDC
GetParent
GetMenuItemInfoA
IsIconic
GetActiveWindow
EndPaint
CharToOemBuffA
DrawTextA
GetWindowTextA
BeginPaint
GetClassNameA
GetFocus
ValidateRect
GetCursorPos
DrawEdge
SetForegroundWindow

version

GetFileVersionInfoA
VerFindFileA
GetFileVersionInfoSizeA
VerQueryValueA
VerInstallFileA

rasadhlp

WSAttemptAutodialName

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 704KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ