2181531928aca70e4c3e84172cc81fe7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2181531928aca70e4c3e84172cc81fe7_JaffaCakes118
Size

114KB
MD5

2181531928aca70e4c3e84172cc81fe7
SHA1

c0efae7260eb018bc1788ca3506d24afec639f2f
SHA256

d5875bd7dc36547dee81f5d9a3c7c177e12091aa0159496ed5494868d56c7f96
SHA512

b2ce56c6bf690f2347e6a2d1fda8fd63fda45a547e56954e04414d07af07d5b5fa2ecaabb7158c68cd19f66a0a14d3c255f05f74715e3e995a6f22c1e7ba8f44
SSDEEP

3072:hCHfO0+QwTwC71C+THE4WQir4CvCo+OWW5uNa/0M+xmBsV:YHfL+l8S0abikCvCo+ObuNa8MKL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2181531928aca70e4c3e84172cc81fe7_JaffaCakes118

Files

2181531928aca70e4c3e84172cc81fe7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

da0ae31bfd28db018c06161de1212e20

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

RtlDeleteSecurityObject
RtlComputeImportTableHash
RtlAddAuditAccessAce

user32

GetWindowRgn

advapi32

RegOpenKeyExW
LsaDeleteTrustedDomain
CryptSetProvParam

gdi32

SetSystemPaletteUse
UnrealizeObject
SetGraphicsMode
SetDCBrushColor
SetArcDirection
PtInRegion
LineTo
WidenPath
GdiTransparentBlt
SetPixel
CombineRgn
CreateRoundRectRgn
ExtSelectClipRgn
FillPath
FlattenPath
GetArcDirection
GetBitmapBits
GetCurrentObject
GetGraphicsMode
GetStockObject

msimg32

AlphaBlend

activeds

ADsBuildEnumerator

rasapi32

RasAutodialAddressToNetwork

aclui

CreateSecurityPage

Exports

Exports

UkxpPRF0osLRW4PxA
Xr5Q6YOSTcUs
Z5Lt

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE