2682cb658ae2534cd58e0b4ecc252b20_JaffaCakes118 | Triage

Sharing

General

Target

2682cb658ae2534cd58e0b4ecc252b20_JaffaCakes118
Size

60KB
MD5

2682cb658ae2534cd58e0b4ecc252b20
SHA1

f68004febd9cfedd6ac29a413faebdf1efc9eb63
SHA256

8c0905e8f7984d0f0af9d9bc46ff2117867d9c19b61e178c908d93e89112f46f
SHA512

1275efac7c3ca674ee2a7fa6773d4dd2d1b697e33b61a3599ca9a6ede5affbbd0110f223dddf55ec8a09dd33bb11b601c66ff18cdaae8ba93c5411e16dee888d
SSDEEP

768:+8i1lYGuI12S3Cud89ZF2Y5ORg98OavBR8N49n6XREWyHigxtxqjFKbxST8:di1lYhG18/L8ghGRtn6SWwTtxSFKbxO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2682cb658ae2534cd58e0b4ecc252b20_JaffaCakes118

Files

2682cb658ae2534cd58e0b4ecc252b20_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0dd0f24d5d7047e919d3fa8921ea7055

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumCalendarInfoExA
EnumSystemCodePagesA
ExitProcess
GetCPInfoExA
GetDefaultCommConfigW
GetFileType
GetProfileIntA
GetTempFileNameA
GetTempPathW
GetWindowsDirectoryA
GlobalFix
LocalLock
ScrollConsoleScreenBufferA
SetupComm
Thread32First

advapi32

AbortSystemShutdownW
BuildImpersonateExplicitAccessWithNameA
BuildImpersonateTrusteeA
CloseServiceHandle
CryptEnumProvidersA
GetAuditedPermissionsFromAclA
GetExplicitEntriesFromAclW
GetNumberOfEventLogRecords
GetSidSubAuthorityCount
RegOpenKeyA
SetNamedSecurityInfoExW
SetSecurityDescriptorGroup

user32

CharNextW
CreateWindowExW
DdeClientTransaction
DdeQueryStringW
DestroyCursor
DrawStateA
EnumDisplayMonitors
FillRect
GetClipboardOwner
GetMenuStringA
GetOpenClipboardWindow
GrayStringA
ScrollWindow
SetFocus
SetWindowPlacement
wsprintfA

Sections

.text
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE