256465af14bf04bf80f20bf3dada5231_JaffaCakes118 | Triage

Sharing

General

Target

256465af14bf04bf80f20bf3dada5231_JaffaCakes118
Size

26KB
MD5

256465af14bf04bf80f20bf3dada5231
SHA1

3098ab2ecb90f05632a1553508de90280852a5bf
SHA256

ab64a2996a5afdf061111d17a0b97da4804fc5c78c530eb7549ad1780a725c8a
SHA512

65492a9ff87e0b713cce197db406b7b7a1c0a371303196ee4fc6b55011e94a59a5d9a4f35c3c1724089451fa84822055c7952674526567c296f6c37598304479
SSDEEP

768:vdsDSZgsD8sc037LD+4zF6IFvTOFPE/L7m:vd+StCyLD+4pydE/+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
256465af14bf04bf80f20bf3dada5231_JaffaCakes118

Files

256465af14bf04bf80f20bf3dada5231_JaffaCakes118
.exe windows:4 windows x86 arch:x86

29250fe7cfb9eab9c512328fed4fa2ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

FreeMRUList
DllGetVersion
ImageList_DrawEx
ImageList_GetFlags
ImageList_LoadImageW

kernel32

ExitProcess
CreateThread
ExitThread
CreateFileA
CloseHandle

shell32

FindExecutableW
Options_RunDLLW
SHCreateDirectoryExW
SHGetFileInfoW
SHGetInstanceExplorer
SheChangeDirExW

msvcrt

_clearfp
_cgetws
_execlp
_fileinfo
_ftime64

Sections

.text
Size: 19KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE