d1d2744d3e3dc0a2edee434b2607103e_JaffaCakes118 | Triage

Sharing

General

Target

d1d2744d3e3dc0a2edee434b2607103e_JaffaCakes118
Size

17KB
MD5

d1d2744d3e3dc0a2edee434b2607103e
SHA1

f488ac08dc00d34793cc5d80575267a908e1149e
SHA256

739c947e5d62fea0096aa3943369f0230ab871019de095d412939d8ab89fa2a5
SHA512

346c7a8e99fd7db51a8bfbb296779478da683625bcf7201c86a60c2c724d283cbefbedd942476fc9c74630d8465e9895f451be7dff08c28952ed825e7aec0e00
SSDEEP

384:z88888888888888888888888888888888888888888888888888888888888888h:z888888888888888888888888888888h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d1d2744d3e3dc0a2edee434b2607103e_JaffaCakes118

Files

d1d2744d3e3dc0a2edee434b2607103e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

57434eeb54d54276902b9a730570579c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
lstrlenA
WaitForSingleObject
GlobalSize
CloseHandle
GetTickCount
WaitForMultipleObjects
VirtualProtect
GetConsoleCP
GetVersion
GlobalUnlock
CompareFileTime
GetConsoleDisplayMode
GetCommandLineA
InterlockedExchange
GetUserDefaultLangID
HeapCreate
ResumeThread
HeapReAlloc
GetModuleHandleA
GetAtomNameA

user32

GetDC
CloseWindow
GetWindow
EndPaint
ReleaseDC
CreateIcon
GetClassNameA
GetFocus
DragDetect
FrameRect
DrawTextA
BeginPaint
ShowWindow
SetForegroundWindow
GetCursorPos
FillRect
wsprintfA
GetParent
GetTitleBarInfo

rastapi

DeviceDone
AddPorts
DeviceConnect
DeviceListen
PortClose

quartz

DllGetClassObject

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ