05fb221f74b5fcd0c930e878ae88d1b2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

05fb221f74b5fcd0c930e878ae88d1b2_JaffaCakes118
Size

52KB
MD5

05fb221f74b5fcd0c930e878ae88d1b2
SHA1

ebd4e0c401f43a06d6de28b8039a1d72275081b8
SHA256

3ddb3e7969597076150b7c89a48c91c54be6a6ad97d1099e630b6ed614967762
SHA512

01272964bbbd499226a2d45108c745ad79c35a0d877c1811dfeb43f64a1e2887caed02482005f7feab71308a7b9b93a8f36647009f2de2ed70b6ca4d8569c473
SSDEEP

1536:u5QJYmn4eT54esyEGla6ueYQjwgSzb6C6eJl:u5kbn4e14/yLa6ueY+wZb6W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05fb221f74b5fcd0c930e878ae88d1b2_JaffaCakes118

Files

05fb221f74b5fcd0c930e878ae88d1b2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0b549d56e0fc544906965c4b2b66897d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CancelIo
ExitProcess
GetFileType
GetSystemTimeAdjustment
GlobalAlloc
LocalFileTimeToFileTime
OutputDebugStringA
PeekConsoleInputA
RaiseException
ReadConsoleOutputCharacterW
SetHandleContext
SetHandleInformation
SetMessageWaitingIndicator

advapi32

AddAccessDeniedAce
AllocateAndInitializeSid
CancelOverlappedAccess
CryptSignHashW
FindFirstFreeAce
GetLengthSid
GetSidSubAuthority
ObjectCloseAuditAlarmA
PrivilegedServiceAuditAlarmA
QueryServiceLockStatusA
RegEnumKeyA
SetSecurityDescriptorOwner
SetThreadToken

gdi32

BeginPath
GdiPlayDCScript
GetKerningPairsA
GetMetaRgn
GetTextExtentPoint32A
SelectClipRgn
SetBrushOrgEx
SetLayout

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE