fa8521e6134963fa01b040a487d32216_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa8521e6134963fa01b040a487d32216_JaffaCakes118
Size

52KB
MD5

fa8521e6134963fa01b040a487d32216
SHA1

dccd862afeb00028b48feff81607f3029d005f69
SHA256

dffb79e976fcbe61289a08afcdfd24e4d2a891bf5f87fb1049ead656ffbfe790
SHA512

136ce7980259df28e32eb9c00d8472f8ab7765bc46012d7373d75016df4ecb8be173e0fb8459e713a19f88fc06c9aba3d5ae4ee2772c9da85687be8f579c447a
SSDEEP

768:CQmhsz05yqUANKtT1p6sG8JZPFvyyoNlew2fEN4S83zo5EEe7ryGaKL5EiO4Lsxw:as9OIxpmAZP9PoNoU4L3wEE8yE+iv7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa8521e6134963fa01b040a487d32216_JaffaCakes118

Files

fa8521e6134963fa01b040a487d32216_JaffaCakes118
.exe windows:4 windows x86 arch:x86

79b087533899f883caab517d718c5fdb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringW
ConnectNamedPipe
EnumDateFormatsExA
ExitProcess
GetModuleHandleA
GetPrivateProfileStructA
GetTimeZoneInformation
GlobalUnlock
IsSystemResumeAutomatic
ResumeThread
SetThreadPriority
TerminateThread
WriteConsoleOutputCharacterW
lstrcatW

advapi32

ControlService
EnumDependentServicesW
GetEffectiveRightsFromAclW
GetFileSecurityW
GetMultipleTrusteeOperationW
GetOldestEventLogRecord
GetPrivateObjectSecurity
GetSidLengthRequired
GetSidSubAuthorityCount
LookupPrivilegeNameA
OpenBackupEventLogW
RegisterServiceCtrlHandlerA

user32

DrawIconEx
GetGUIThreadInfo
GetShellWindow
IsCharAlphaW
OemToCharBuffA
SetCapture
SetDlgItemInt
SetWindowsHookExW

shell32

DragQueryFileAorW
FindExecutableA
RealShellExecuteW
SHInvokePrinterCommandA
SHUpdateRecycleBinIcon
SheFullPathA

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE