226a51c685b1612c40219d30a5f23b34_JaffaCakes118 | Triage

Sharing

General

Target

226a51c685b1612c40219d30a5f23b34_JaffaCakes118
Size

20KB
MD5

226a51c685b1612c40219d30a5f23b34
SHA1

7907c7a2ff30b4b5625555a60fba6d29beb6a612
SHA256

80699b5996233a62ccf9ffd8e97fa3f6d53d6ac0a041531a46f8e01a15b68a84
SHA512

1e21a6bc801183a9b56558d417a0d3624a72bdb05b7183817658e749c800a9f0d7e21c7370f16808d66182d96488dffef6d013869602649f2eb8237df68189c2
SSDEEP

384:sWFplBSfLfYvekw8/5z/+SSp84+6jtlsdjXyNv:HFplBSfLZ8F+S+8+hliXyNv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
226a51c685b1612c40219d30a5f23b34_JaffaCakes118

Files

226a51c685b1612c40219d30a5f23b34_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bb5dccdee2c4909abb1d19c963019bec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsFree
HeapWalk
GetAtomNameA
HeapReAlloc
CloseHandle
VirtualProtect
GetStdHandle
GetVersion
GetProfileIntA
LoadLibraryA
GlobalUnlock
TlsGetValue
GetModuleHandleA
GetTickCount
FindAtomA
WaitForSingleObject
CompareFileTime
lstrlenA
GetConsoleCP
InterlockedExchange
GetACP

user32

MessageBoxA
EnableScrollBar
DestroyMenu
GetMenu
InflateRect
CopyRect
DispatchMessageA
CreateCaret
GetScrollRange
InsertMenuA
SubtractRect
TranslateMessage
GetDlgItem
PaintDesktop
GetWindowTextA
LoadIconA
SetWindowPos
SetPropA
PostMessageA
ModifyMenuA
ShowWindow
GetMenuStringA
DialogBoxParamA
UpdateWindow
GetKeyboardLayout
EqualRect

msi

MsiGetMode
MsiEnumProductsA
MsiDoActionA
MsiCloseHandle
MsiEnumClientsA

ws2_32

WSAAccept

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ