03ad65bda612b9f9482c0abc5c5ef22b_JaffaCakes118 | Triage

Sharing

General

Target

03ad65bda612b9f9482c0abc5c5ef22b_JaffaCakes118
Size

53KB
MD5

03ad65bda612b9f9482c0abc5c5ef22b
SHA1

10d2cab43882c9c39b6f081392ea103b6ffa2954
SHA256

2c7e232b8df18aac8daff22f90f9d744a6be7d2a192d0d8ffabf908cdde15456
SHA512

c92d42fbdb8ff48b0d44348f346359e3f7a6e1897148b89140bf3e66ce97b25ec0a658f57f8b9dfdf9de7eac846ff3a6ebbcab562147d1f0f23b34b116ae71d3
SSDEEP

384:ZE4hC+S7yGK1VQMan++C6NKXCVmr0CHY7HR6G5WlESahmjEQ3Fp/ehuKLZKBxZYk:Z3cFVsmMC+wVmTH05N6FdepkzZTbv1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03ad65bda612b9f9482c0abc5c5ef22b_JaffaCakes118

Files

03ad65bda612b9f9482c0abc5c5ef22b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

25ccdc53026a1b08d0438f2101b3c4ca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
ReadFile
SetFilePointer
WriteFile
CreateFileA
CloseHandle
GetModuleHandleA
DeleteFileA
SetFileAttributesA
GetCurrentProcess
GetSystemInfo
GetLastError
GetProcAddress
LoadLibraryA
SizeofResource
GetStartupInfoA

advapi32

LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges
RegDeleteValueA
RegEnumValueA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA

winmm

mixerOpen
mixerGetLineInfoA
mixerGetLineControlsA
mixerGetControlDetailsA
mixerSetControlDetails

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
??3@YAXPAX@Z
__CxxFrameHandler
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ