Static task: static1
Behavioral task: behavioral1
Sample: 074c893ad29af7cf59b1779225e2fc76_JaffaCakes118.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 074c893ad29af7cf59b1779225e2fc76_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 074c893ad29af7cf59b1779225e2fc76_JaffaCakes118
Size: 41KB
MD5: 074c893ad29af7cf59b1779225e2fc76
SHA1: d7440e6527b873e8f0b9881d04fda3aa6d8c93ac
SHA256: 92ab5e89c1b8c785a2421e3b97e0cceb32a81e4d5c0e9bb02508f8386c8bb024
SHA512: 8a0084882b440ba08bdac76f391497a70b81b14b7d0f7df4c7187e45b249ad72392b887695a32ca9504b703de624e615b919d1b3ffbad7c8254eed34a87b7737
SSDEEP: 768:GrBhZx1SoN6Jk84t7GAWMFyFB89TZvonCO9VCDcas6Gm0/N:4BjvShJk82qAFFSS92hCYaY5/N
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 074c893ad29af7cf59b1779225e2fc76_JaffaCakes118
Files
074c893ad29af7cf59b1779225e2fc76_JaffaCakes118.exe windows:4 windows x86 arch:x86
58749b5c319f7a93a26f70a112667a18
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
AdjustTokenPrivileges
CryptCreateHash
CryptHashData
GetAccessPermissionsForObjectA
user32
CreateWindowExW
DestroyWindow
GetDlgCtrlID
LoadIconW
SetScrollPos
kernel32
ExitProcess
GetProcAddress
LoadLibraryA
VirtualProtect
Sections
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 478B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 25KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 5KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE