f4a59eda9e6a242f1668f0f4b2096a82_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f4a59eda9e6a242f1668f0f4b2096a82_JaffaCakes118
Size

38KB
MD5

f4a59eda9e6a242f1668f0f4b2096a82
SHA1

8601afb401db83caab7a62a08de83ab961d6b9a9
SHA256

0c3aa5170ef9d35b150e144a3c06a0fabfda845d015bab4a4be6029f445c3a32
SHA512

b8a4f28a50512658b408e13f6c293e3ae1e308a6958a3688f01053b96d83cde4de85796ab5bcef55e3fa2004f47e7ca5d9a886490e8e3338b4686bb77fa619b7
SSDEEP

768:+oANGD36eLQdhd/FlinZBiumXu1NCgVSWZSkro1BcFWX3Rt/9L:+Vk3ghn0ZAumXu1N9b1sI4l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f4a59eda9e6a242f1668f0f4b2096a82_JaffaCakes118

Files

f4a59eda9e6a242f1668f0f4b2096a82_JaffaCakes118
.exe windows:4 windows x86 arch:x86

680cc038747eb9206b5cfb2b1625ce5b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ConnectNamedPipe
ExitProcess
ReadProcessMemory
SetConsoleMode
SetThreadAffinityMask
SystemTimeToFileTime
WritePrivateProfileStringA
lstrcmpi

advapi32

AddAuditAccessAce
BuildImpersonateTrusteeW
ConvertSecurityDescriptorToAccessNamedW
CryptEnumProviderTypesW
DestroyPrivateObjectSecurity
GetFileSecurityW
GetTrusteeTypeW
NotifyBootConfigStatus
ObjectOpenAuditAlarmW
OpenServiceW
RegQueryValueW
RegSetValueA
SetThreadToken
SetTokenInformation
StartServiceCtrlDispatcherW

user32

CheckMenuRadioItem
EnumChildWindows
GetClassInfoExA
GetInputDesktop
GetProcessDefaultLayout
InflateRect
InvertRect
IsCharLowerW
OemKeyScan
SetActiveWindow
SetDlgItemInt
SetWindowLongW
UnregisterClassA

shell32

Control_FillCache_RunDLLW
FindExecutableW
SHGetFileInfo
SHGetSpecialFolderLocation
SheGetDirW
ShellAboutW
ShellExecuteEx

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE