30477accf873495a661237e6c81f91dc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

30477accf873495a661237e6c81f91dc_JaffaCakes118
Size

25KB
MD5

30477accf873495a661237e6c81f91dc
SHA1

6a6702f83bbba56e6cbc6487551522662827b205
SHA256

f5f4c79926f81d47a49340b999c985ec1cdb6024efc2d3035538c574d7b0d653
SHA512

e268556332b25f8b531ccc25ba44847a78f3ab0a518cfdec543108ff749f34479732e0c5ee15e50e51739f886b5bb362350e429d38841a72c9def5030b766751
SSDEEP

384:ICZi0e7wPPXuZfxcomFa95XEZBnMO3hqFw97VNy7bfhp7uVqRbKYQ0kaibG:ICZi0eqX057EIORqFwFVNqbzaqhtMbG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30477accf873495a661237e6c81f91dc_JaffaCakes118

Files

30477accf873495a661237e6c81f91dc_JaffaCakes118
.exe windows:1 windows x86 arch:x86

e2c69898e19633e9830253504d1e2896

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ElfDeregisterEventSource
CryptGetKeyParam
FindFirstFreeAce
GetSecurityDescriptorDacl
GetTokenInformation

kernel32

ClearCommBreak
ConvertThreadToFiber
CreateEventA
CreateMutexA
DefineDosDeviceA

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE