2ed6ce17dad3b3cdffed1e021883ec77_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ed6ce17dad3b3cdffed1e021883ec77_JaffaCakes118
Size

36KB
MD5

2ed6ce17dad3b3cdffed1e021883ec77
SHA1

2a47405a926b4dcf3fbb09a20762f2eb034e08d8
SHA256

91001c31d9cb5929eb622b4fc5f321298ac1daba5961c8c004f2ac8a393498f8
SHA512

38b15ac90794d1fdb7f5202ae23ff084fe7bee64379782f8af8b4131b81e1bf207dea097e215882cdc6f3685eba149f1d9ee87ea2fe173bf8c216e6556bd82a6
SSDEEP

768:W4epRMKQGDzGtKYeYkvechsfTNq4Nwil3NwvltbOhbKxv6:W44oWGkzech8nwiT0t6K8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ed6ce17dad3b3cdffed1e021883ec77_JaffaCakes118

Files

2ed6ce17dad3b3cdffed1e021883ec77_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e8ecf76e3406cb6f3f1b5ee71ea26d8a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddAtomW
ExitProcess
GlobalUnWire
SetCommTimeouts
SetConsoleCP
SetLocaleInfoA

advapi32

CloseServiceHandle
CryptGenRandom
CryptSetProviderExA
CryptSignHashA
EqualPrefixSid
GetAclInformation
LookupAccountSidW
RegDeleteKeyA
RegOpenKeyA
SetFileSecurityA
SetKernelObjectSecurity

user32

DefFrameProcA
DialogBoxIndirectParamA
EndDialog
GetKeyboardType
GetOpenClipboardWindow
GetScrollRange
IsCharUpperW
SetCaretPos

shell32

CheckEscapesW
Control_RunDLLW
ExtractAssociatedIconA
ExtractAssociatedIconW
ExtractIconEx
OpenAs_RunDLL
RealShellExecuteExW
SHChangeNotify
SheRemoveQuotesA
Shell_NotifyIconW

gdi32

CreateDiscardableBitmap
FillPath
GetCharacterPlacementA
SetPaletteEntries
UpdateICMRegKeyA

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE