e9de363994fbee298bb2fcab52dd032f_JaffaCakes118 | Triage

Sharing

General

Target

e9de363994fbee298bb2fcab52dd032f_JaffaCakes118
Size

53KB
MD5

e9de363994fbee298bb2fcab52dd032f
SHA1

ff4a3421bdcb86c7fd02f647678d1e4a54640c69
SHA256

d4746b29edbc2abadd013e5ece962af20301809d05e4ad27a39fae9954a5f90e
SHA512

50364769bc1166282905c55a9fe0d0fa9d882fbad2f305668f47611dc30b8e7ed3ab65965258fdfbdc9ab4c32b81334030c0f3fd063f113a55ccaaf628243022
SSDEEP

1536:v27ZnQ9n+qHYzJGaQCv0iXS8XRfiihHTYD:79n+qc7vqQQoH8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e9de363994fbee298bb2fcab52dd032f_JaffaCakes118

Files

e9de363994fbee298bb2fcab52dd032f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ddb93f7dd7832767c11fb3ab4290c231

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryW
ExitProcess
GetConsoleCursorInfo
GetProcessPriorityBoost
GetProfileIntA
GetStartupInfoA
GetSystemInfo
InterlockedDecrement
LockFileEx
ResetWriteWatch
SetFileTime
SetThreadPriority
WritePrivateProfileSectionW
lstrcat
lstrcmpA

advapi32

BuildSecurityDescriptorW
CloseServiceHandle
CreateProcessAsUserA
CryptAcquireContextW
GetFileSecurityW
GetSecurityDescriptorGroup
GetSecurityDescriptorSacl
GetTrusteeNameW
LookupAccountNameW
LookupPrivilegeDisplayNameA
OpenBackupEventLogA
RegQueryMultipleValuesW
SetEntriesInAclA
StartServiceCtrlDispatcherW

user32

ClipCursor
DdeAbandonTransaction
DdeNameService
EnableWindow
GetSystemMenu
MoveWindow
SetMenuItemInfoW

gdi32

CheckColorsInGamut
Chord
DeleteObject
EnumFontFamiliesExA
GdiGetBatchLimit
GetCharWidthFloatW
GetTextExtentPoint32W
PtVisible
SetMagicColors
SetWindowExtEx
SwapBuffers

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE