2882461679b37b491999d8f6d5f46ff7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2882461679b37b491999d8f6d5f46ff7_JaffaCakes118
Size

52KB
MD5

2882461679b37b491999d8f6d5f46ff7
SHA1

0691a94709f4556eeef9945e8fc18b5048178df8
SHA256

a2a0c5b539a9e430d1f328576cbee992ac22b21a97c18bf156179646ec8e1366
SHA512

720e5723e9b12f19a11eb49c62a51f0a01da7146bd56b59f716ea5f7a2c71bf5c1fec8d74946ce9f51fd00865d71ec632fd40fbc6696770eede7d6fa45225d73
SSDEEP

1536:FnA7d5/4lagx1W4T3Xq4UqMG1Bz0nI2RgqpC2Nfbr7UgUeP1d:qzoagv12vnLR5pjBbn8eP1d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2882461679b37b491999d8f6d5f46ff7_JaffaCakes118

Files

2882461679b37b491999d8f6d5f46ff7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

19f8ffa4646cd1e6be165ae768845446

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
EnumDateFormatsExA
ExitProcess
FreeLibraryAndExitThread
GetExitCodeThread
GetPrivateProfileStructW
GetProcAddress
GetVolumeInformationA
SetVolumeLabelW
WaitForSingleObject
WritePrivateProfileStructA

advapi32

BuildImpersonateTrusteeW
ClearEventLogW
CryptEncrypt
DestroyPrivateObjectSecurity
FreeSid
GetNamedSecurityInfoExA
GetTrusteeTypeA
ObjectPrivilegeAuditAlarmW
RegReplaceKeyA

gdi32

CreatePolyPolygonRgn
DescribePixelFormat
EndPath
GetKerningPairsA
GetMetaFileW
GetROP2
RealizePalette
ResetDCA
ResetDCW
SetDIBColorTable
SetEnhMetaFileBits
SetPixelV
StartPage

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE