18d354cec5e6cc8790678af26dfe50d1_JaffaCakes118 | Triage

Sharing

General

Target

18d354cec5e6cc8790678af26dfe50d1_JaffaCakes118
Size

20KB
MD5

18d354cec5e6cc8790678af26dfe50d1
SHA1

44453254da9cf466bf6f4ae4011833fd69c17568
SHA256

574ed8bbbac0b12bb995b23647fb1e7f76e66653eafbc2c7548416674ca0b2f0
SHA512

9a12153769b59cae2db93ad9c37e61341281c4a10668b2eee2ab90e8aa9b95e720cc040ede86235c90513327ec45eb3c882d671cf01228cb62ac845961b2137b
SSDEEP

384:Ohm8Vao2zzZtF39UXve9m8/5/oh4HHHDnnnR7RRRRRRRRRDRRRRRRRExqL2VN5wC:Ohm8Va7hV+864HHHCqoN+12Rk5NNNNNa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18d354cec5e6cc8790678af26dfe50d1_JaffaCakes118

Files

18d354cec5e6cc8790678af26dfe50d1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d4ab06878c7c981b04c5c15cf85c08c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapWalk
CloseHandle
GetProfileIntA
InterlockedExchange
FindAtomA
GlobalUnlock
TlsFree
CompareFileTime
GetTickCount
LoadLibraryA
HeapReAlloc
VirtualProtect
GetVersion
GetConsoleCP
GetStdHandle
GetACP
GetModuleHandleA
lstrlenA
WaitForSingleObject
GetAtomNameA
TlsGetValue

user32

GetScrollRange
GetMenuStringA
InflateRect
DispatchMessageA
ShowWindow
ModifyMenuA
PostMessageA
LoadIconA
SubtractRect
CopyRect
InsertMenuA
CreateCaret
DialogBoxParamA
GetWindowTextA
EqualRect
GetDlgItem
EnableScrollBar
SetPropA
SetWindowPos
GetKeyboardLayout
DestroyMenu
PaintDesktop
MessageBoxA
GetMenu
TranslateMessage
UpdateWindow

msi

MsiGetMode
MsiEnumProductsA
MsiDoActionA
MsiEnumClientsA
MsiCloseHandle

ws2_32

WSAAccept

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ