3d679181719e51d3ff2456dacc7676f8_JaffaCakes118 | Triage

Sharing

General

Target

3d679181719e51d3ff2456dacc7676f8_JaffaCakes118
Size

293KB
MD5

3d679181719e51d3ff2456dacc7676f8
SHA1

c1a46fc4f956c872abb802b6330f79a4fd1e8ea6
SHA256

1eac5a06121ba2d3305a912ae52b22ffa5ed1599153724f3d1097e1212261123
SHA512

500eac4117599625addcc2cd9caf10feace9116a3fa5b732f5e6a59f302c6b7c01835d5167b34c24aac8f624eb6745fdcdb07dd4544350ae803bf95ca9958487
SSDEEP

6144:eannlZZSk5qHXchRnlJB8xEKKngCE0LUZXlAaAumBTRa:RnnlIH8pf0AngCE0LEXlLAuWR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d679181719e51d3ff2456dacc7676f8_JaffaCakes118

Files

3d679181719e51d3ff2456dacc7676f8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

56a2c65ef7212da8aa36ab4c9150b77f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetAtomNameA
LoadLibraryA
InterlockedExchange
GetStdHandle
CloseHandle
GetModuleHandleA
GlobalUnlock
lstrlenA
GetVersion
FindAtomA
GetACP
TlsFree
GetConsoleCP
CompareFileTime
GetTickCount
GetProfileIntA
WaitForSingleObject
HeapReAlloc
VirtualProtect
TlsGetValue
HeapWalk

user32

InflateRect
TranslateMessage
CopyRect
GetWindowTextA
GetKeyboardLayout
GetMenu
LoadIconA
ModifyMenuA
EnableScrollBar
SetWindowPos
GetDlgItem
PostMessageA
MessageBoxA
DialogBoxParamA
InsertMenuA
GetScrollRange
PaintDesktop
SetPropA
SubtractRect
DestroyMenu
CreateCaret
ShowWindow
EqualRect
DispatchMessageA
UpdateWindow
GetMenuStringA
PostQuitMessage

msi

MsiEnumClientsA
MsiDoActionA
MsiCloseHandle
MsiGetMode
MsiEnumProductsA

ws2_32

WSAAccept

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 632KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ