dac0af913f4502ee5e56e46669862cb3_JaffaCakes118 | Triage

Sharing

General

Target

dac0af913f4502ee5e56e46669862cb3_JaffaCakes118
Size

199KB
MD5

dac0af913f4502ee5e56e46669862cb3
SHA1

d89499b78235b35d0a4cb7355af70b120a4ded20
SHA256

6d6fad2227123a658f94cc967eec5d97b953903d90ed2f51220256e78c312d7a
SHA512

41fae220e1f1fd54fcd5a0a1754979d2b3f01aa4dd47afebb3db23adfed33c9de1a8c9defca6c36720809141e3813288df28a2dd5aac951a3e1bc6ff3555639b
SSDEEP

3072:DdzdqVt2QhzCmUyDbm1+KxEbdV91D4xq2R8XvY6RK:Dt62EzPUKCFxEbT/Kd+Xp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dac0af913f4502ee5e56e46669862cb3_JaffaCakes118

Files

dac0af913f4502ee5e56e46669862cb3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f86e975167cdff33e0d823a6be35560c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharNextA
GetDesktopWindow
GetDC
GetSystemMetrics

kernel32

lstrcmpiW
GetWindowsDirectoryA
GetStartupInfoA
RemoveDirectoryA
GlobalFindAtomW
GetOEMCP
GetTickCount
GetConsoleOutputCP
QueryPerformanceCounter
GetCurrentThread
GetCurrentThreadId
GlobalFindAtomA
GetCommandLineW
lstrcmpA
DeleteFileA
GetUserDefaultLangID
GetModuleHandleW
GetACP
GetLastError
SetLastError
lstrcmpiA
GetDriveTypeA
lstrlenA
lstrlenW
GetModuleHandleA
GetThreadLocale
GetCommandLineA
GetCurrentProcess
IsDebuggerPresent
DeleteFileW
GetProcessHeap
VirtualAlloc
LoadLibraryW
CopyFileA
Sleep
MulDiv
GetVersion
GetCurrentProcessId
SetCurrentDirectoryA

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ