229ddeadd0dd13d3ca7d203334465ea2_JaffaCakes118 | Triage

Sharing

General

Target

229ddeadd0dd13d3ca7d203334465ea2_JaffaCakes118
Size

55KB
MD5

229ddeadd0dd13d3ca7d203334465ea2
SHA1

bf093472c42c8c3acbf176cd0e9713eac20296bc
SHA256

765ef19f197d2e6d295b08ead534776f298477b83bfaec016669602c896b38c1
SHA512

c9538452b5ed955e16e195c678a47b3021a6690142a400c5bee0bfb4fb71bc0c9449cc205eab33bbc90f7a7bc4e4f12497e91b3ea9040699053d64a4e0697c48
SSDEEP

1536:3T1pkXWKBadM2QV89Ul6AEjYIvUQjCzb9:D1pkXmdM2QV8TAEUDQj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
229ddeadd0dd13d3ca7d203334465ea2_JaffaCakes118

Files

229ddeadd0dd13d3ca7d203334465ea2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e02c5bc50c153e8b7bc81840892b5bdf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CancelIo
InterlockedIncrement
ReadConsoleA
MoveFileWithProgressA
Beep
ExpandEnvironmentStringsA
Toolhelp32ReadProcessMemory
GetCalendarInfoA
GetCommandLineA
ExitProcess
GetStartupInfoA

user32

GetDlgItem
FillRect
ToUnicodeEx
CharUpperA
DefWindowProcA
LoadKeyboardLayoutEx
DdeQueryStringA
PostMessageA
DdeConnect
wsprintfA
SetWindowPlacement
IsHungAppWindow
GetListBoxInfo

shell32

SHCreateProcessAsUserW
SheGetDirA
SHGetPathFromIDList
SHGetNewLinkInfo
StrStrW
SHGetDesktopFolder
SheChangeDirA
DragQueryFileW

gdi32

OffsetRgn
UpdateICMRegKeyW
CreateMetaFileA
CopyEnhMetaFileW
GetCharWidth32W
PolyTextOutA
EnumICMProfilesW
GdiPlayEMF
GetClipRgn
GdiSetBatchLimit
QueryFontAssocStatus
CreateDCA
AddFontMemResourceEx
GdiGetDevmodeForPage
GdiEntry2
CloseFigure

Sections

CODE
Size: 5KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 46KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE