3267289f1f23b568fc5a850f3bba4516_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3267289f1f23b568fc5a850f3bba4516_JaffaCakes118
Size

392KB
MD5

3267289f1f23b568fc5a850f3bba4516
SHA1

8c84ed8adb8ea89cd1e48fd8b54526414a5342a6
SHA256

28d934057b2e72c5498582a5b874078d0ecc0c74026d2cc69fa0ea2b735a1019
SHA512

bc7ac343a7117c17db153391a4340bc93ffd2bccb9299c39cf15aa6b5579bcc26743ebcb3e9283fb7f9d33f0da7c09fe4c2d9f06599217b43202d25ba824722b
SSDEEP

6144:FIr806HYI9ROaPxScEi+/5jYNdup75OifnQL3LsCYm5gA9fkBJ1y0Iyoo:gwHYIvdxbEuuzOMEYCYmyA9fAby07n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3267289f1f23b568fc5a850f3bba4516_JaffaCakes118

Files

3267289f1f23b568fc5a850f3bba4516_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5818fcca5db7f42a4161ef14dc15bcff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddLocalAlternateComputerNameA
LocalAlloc
ResetEvent
GetCurrentThreadId
MoveFileExW
FileTimeToLocalFileTime
GetSystemDirectoryW
GetThreadContext
CreateProcessW
GetExitCodeProcess
CreateEventA
LoadLibraryExW
LocalFree
TerminateProcess
CopyFileW
SetFileAttributesW
CreateThread
CreateDirectoryW
SetEvent
WaitForSingleObject
GetCommandLineA
FileTimeToSystemTime
CreateFileW
CreateWaitableTimerA
GetFileAttributesW
GetSystemTime
GetModuleHandleW

user32

IsDlgButtonChecked
EnumWindowStationsW
GetUpdateRgn
CheckDlgButton
wsprintfW
EnableWindow

wintrust

WTHelperGetProvSignerFromChain
WTHelperProvDataFromStateData

Sections

.text
Size: 283KB - Virtual size: 283KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bomex
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ