01630416f63a1bff229f34b2d8e8c32b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

01630416f63a1bff229f34b2d8e8c32b_JaffaCakes118
Size

53KB
MD5

01630416f63a1bff229f34b2d8e8c32b
SHA1

03cea609b0f5b24665a6fd8dba3baa94705e02a7
SHA256

16ce71ccce61d65ce37a82fa8fd695a00e2e1d63e2038a74e9bd3eed962222b1
SHA512

f82f49884ea78370adcffc33e47cb4008fa647085540bc7e9e5ef794bb8635942a34f77f59befb4c4fa873b5f6a2735428e03edb108b607257b4460c20ab5d61
SSDEEP

1536:tanRcyr9FqfyDtzNZoMJlMER83c1EYMdO7mqfi8H+oA6DtxT:t2/RofMt5ZoMJyHGEYw0i8HbDDD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01630416f63a1bff229f34b2d8e8c32b_JaffaCakes118

Files

01630416f63a1bff229f34b2d8e8c32b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4b242ad61455a91e023decd88135d606

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumResourceLanguagesW
EnumSystemLocalesW
ExitProcess
GetFileAttributesA
InterlockedExchangeAdd
LoadLibraryExW
TlsGetValue
WritePrivateProfileStringW
lstrcmpiW

advapi32

BuildExplicitAccessWithNameA
CryptGenRandom
GetOverlappedAccessResults
ImpersonateSelf
IsTextUnicode
MakeAbsoluteSD
ObjectCloseAuditAlarmA
OpenServiceW
RegLoadKeyA
RegQueryValueA
RegQueryValueExA
RegSetValueW

user32

ActivateKeyboardLayout
ChangeClipboardChain
CreateAcceleratorTableA
DdeCmpStringHandles
GetDlgCtrlID
GetGuiResources
IsWindowVisible
MessageBoxA
ScrollWindowEx
SetWindowTextA
TranslateAcceleratorA

shell32

DragQueryFile
FindExecutableA
RegenerateUserEnvironment
SHFileOperationW
SHFreeNameMappings
SHGetDiskFreeSpaceA
SHGetInstanceExplorer
SHGetMalloc
SHGetSpecialFolderPathA
SHGetSpecialFolderPathW
SheSetCurDrive
ShellAboutW

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE