d01236ba69ba51072293063dd76c84e6_JaffaCakes118 | Triage

Sharing

General

Target

d01236ba69ba51072293063dd76c84e6_JaffaCakes118
Size

20KB
MD5

d01236ba69ba51072293063dd76c84e6
SHA1

afea4ccc0fa8fb459dfa7b936d3ef32ee672f644
SHA256

717c98a244b422b67c894966a16eb09f23ed8ea8ae7a8bd9868e765f90c613dd
SHA512

3e57af1aed761dba96f85d7271021aeef5f11e03900052f19a27b27a28787f19cfd067cde7ccc869ecceddd50e3864f5658022cd517bae00c5f815fe8b27b35a
SSDEEP

384:hasoQd6I/5VXT7FxphED7wvw1KKKKpRIz8+ep8QDXdm:hN3dv37rg+w1KKKKpa4+kXdm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d01236ba69ba51072293063dd76c84e6_JaffaCakes118

Files

d01236ba69ba51072293063dd76c84e6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ac89e36a4d4d614d2f8338c917bb74f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
HeapReAlloc
CompareFileTime
GetSystemDefaultLangID
HeapCreate
WaitForSingleObject
GetConsoleCP
LoadLibraryExA
SuspendThread
GetStdHandle
GetTickCount
GetModuleHandleA
WaitForMultipleObjects
CloseHandle
GlobalUnlock
InterlockedExchange
AddAtomA
GetProfileIntA
GetVersion
GetCommandLineA
lstrlenA

user32

GetWindowTextA
EnableScrollBar
GetKeyboardLayout
TranslateMessage
SetWindowPos
GetMenuStringA
SetPropA
DispatchMessageA
GetDlgItem
CopyRect
SubtractRect
ModifyMenuA
DestroyMenu
UpdateWindow
EqualRect
ShowWindow
PostMessageA
InsertMenuA
CreateCaret
GetKeyState
DialogBoxParamA
CreateCursor
FindWindowA
MessageBoxA
PaintDesktop

atl

AtlAdvise
AtlUnadvise
AtlGetVersion
AtlSetErrorInfo
AtlModuleInit

dnsapi

DnsStatusString

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ