04b4aa87520b134c136322e564728862_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

04b4aa87520b134c136322e564728862_JaffaCakes118
Size

73KB
MD5

04b4aa87520b134c136322e564728862
SHA1

f3d834656c1d0d59fcc5e3da5d617acdf7d67eed
SHA256

53f5f85a8813d09e76d61335f92af85e67eba966ed79f08a980edd86573927a2
SHA512

6a0077e2091c8713453c29fdda6c726783572ad50b2760fdd622ab799a94ae0a8f587346ee4ae3ece7cd9084f31db5104b1db1fb8aae81aa6777e58dc9c42675
SSDEEP

1536:VP76FJhYTU8YGaEHh97vwSJaNXHhYfKwjIG:976FXYg5FEB9bwSc3hwj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04b4aa87520b134c136322e564728862_JaffaCakes118

Files

04b4aa87520b134c136322e564728862_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aefcd1187708b622071e7926c1f73a10

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

UnlockServiceDatabase
RevertToSelf
LsaOpenSecret
RegUnLoadKeyW
LsaClose

msvcrt

strlen
iswcntrl
strcmp

user32

GetScrollPos
LoadKeyboardLayoutW
GetForegroundWindow
GetMenuStringW
SetDoubleClickTime
SendInput

wininet

ShowCertificate
InternetDialW
InternetGetCookieW
InternetSetCookieW
UrlZonesDetach

Sections

.text
Size: 48KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE