ff6b848c227c7f31212237cd7632caf5_JaffaCakes118 | Triage

Sharing

General

Target

ff6b848c227c7f31212237cd7632caf5_JaffaCakes118
Size

330KB
MD5

ff6b848c227c7f31212237cd7632caf5
SHA1

d018d3ce5286f454f23a8d074022061a05804e6d
SHA256

15f775d178d1158908942ed2e3083399d1e3d88e85fa1d283704d13a4c9af161
SHA512

ba33bd20423bdb557b74177eb96448104877b00f838d4f998534127054620a3ab1bf2a4dc7b564287d463fdb04852e4b9dabcf9b4ba4e6bdfac7e09f4431d743
SSDEEP

6144:dWanElPA8j3tyE5wCE6dMBVyFt5lJAc72xXdkaksxwlKybaxX7:dWvLyhGd86oT+TexX7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff6b848c227c7f31212237cd7632caf5_JaffaCakes118

Files

ff6b848c227c7f31212237cd7632caf5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a6f9ad1853767ad34cd825665ece23b3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileIntA
WaitForMultipleObjects
lstrlenA
GetModuleHandleA
GetStdHandle
GetConsoleCP
WaitForSingleObject
HeapCreate
GetCommandLineA
CloseHandle
HeapReAlloc
GetVersion
GetTickCount
CompareFileTime
LoadLibraryExA
InterlockedExchange
VirtualProtect
SuspendThread
AddAtomA
GetSystemDefaultLangID
GlobalUnlock

user32

CreateCursor
GetMenuStringA
PaintDesktop
DrawCaption
GetDlgItem
SetWindowPos
IsDialogMessage
MessageBoxA
EqualRect
InsertMenuA
DestroyMenu
CopyRect
FindWindowA
SetPropA
GetKeyState
ModifyMenuA
GetKeyboardLayout
DispatchMessageA
SubtractRect
TranslateMessage
CreateCaret
EnableScrollBar
GetWindowTextA
DialogBoxParamA
PostMessageA

netapi32

DsRoleCancel
DsRoleFreeMemory
DsGetDcNextA
DsGetDcOpenA
DsGetDcNameA

dnsapi

DnsStatusString

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 744KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ