02c660d04afc397b1415b58afb9ebced_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

02c660d04afc397b1415b58afb9ebced_JaffaCakes118
Size

49KB
MD5

02c660d04afc397b1415b58afb9ebced
SHA1

6638eb6bf2df40f6e6a2a099ccc7c2f7fd821541
SHA256

bf4e46bb8d4b3ff10b65ebc15845f63cd3355ca2f44c367837614cd46cf3617c
SHA512

d05c07e48f9f23eead6efb0efc6e1ab862a4602bf069bd6a8905fdfc1163a3a7dbe9210a06d6afb62a6240504ae8414c552ae0b3422405020bd939bf64e40803
SSDEEP

768:YYLaGVUCNasYXcV+P14Dp82KwvJSK47rnTslbYbDFRT8Cx6X+RCMesC8qg:YYWQfNlYchtGiSxr2Ub3T4X+Gk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02c660d04afc397b1415b58afb9ebced_JaffaCakes118

Files

02c660d04afc397b1415b58afb9ebced_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ec90f6f3b9f92ce6a96d698dc58fcdda

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BeginUpdateResourceW
CompareFileTime
CreateThread
DeleteAtom
DeleteFiber
EndUpdateResourceW
ExitProcess
GenerateConsoleCtrlEvent
GetComputerNameA
GetPrivateProfileSectionA
GetProcAddress
MoveFileExW
MultiByteToWideChar
SetLocalTime
WriteConsoleInputA

advapi32

AreAnyAccessesGranted
ConvertAccessToSecurityDescriptorA
CryptGetDefaultProviderW
CryptSetHashParam
CryptVerifySignatureA
GetServiceKeyNameA
LookupPrivilegeValueW
OpenEventLogA
PrivilegedServiceAuditAlarmA
RegCloseKey
RegEnumValueA
RegSetValueExA

gdi32

ArcTo
CreateBitmapIndirect
CreateHalftonePalette
CreatePalette
CreateSolidBrush
GdiPlayScript
GetEnhMetaFilePaletteEntries
GetStockObject
RectVisible
ResizePalette
SetPixelFormat
SetPixelV
StrokeAndFillPath

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE