226ccfa6a5c55556a539930966459118_JaffaCakes118 | Triage

Sharing

General

Target

226ccfa6a5c55556a539930966459118_JaffaCakes118
Size

56KB
MD5

226ccfa6a5c55556a539930966459118
SHA1

b7b07b8c53e0ac1ea6a37be990daa6557eba4ab0
SHA256

49ddde218012736830421a40bfda5c013b72e6b2c0196e63d1a92f239d0d0400
SHA512

6cc577e8b9f2a8b7337687f3d21536fa7c1a323b68a483dc54ef4bf3da542c179c036ae91d03aebf1ce0d032e9bd26beec6cf9642e24ad9567f878aa64a0b661
SSDEEP

1536:NF0Gz3cu8NKeC/LXxQgondHkQrZQV1lnKB98wUC:NFZz3cHC/TCLdHPZUjn4MC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
226ccfa6a5c55556a539930966459118_JaffaCakes118

Files

226ccfa6a5c55556a539930966459118_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aea4c90e43c4d1cfc2afdc45d71d2613

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenFileMappingW
GetComputerNameExA
GetVersion
GetProfileIntW
SwitchToFiber
GetPrivateProfileSectionNamesA
EnumSystemCodePagesA
FindFirstVolumeW
SetConsoleTitleA
UpdateResourceW
DnsHostnameToComputerNameA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE