33d5fa9691d5f85df68db181968f15b6_JaffaCakes118 | Triage

Sharing

General

Target

33d5fa9691d5f85df68db181968f15b6_JaffaCakes118
Size

54KB
MD5

33d5fa9691d5f85df68db181968f15b6
SHA1

0177df816d6e9dd2e1c9f0d4e991d46518897c65
SHA256

5445cb6456985f4394f5e44b12368c5accfa2dbcbcf917ae939e9b5b722bdc6f
SHA512

1632f72bf0234d797757942bc360a697aa9c01c637496d428b2e2add4482dec6f4b4a2ad6380c052231deb2e24a09950e741881466fc55d6635363f64e85bfe9
SSDEEP

1536:JIgD4y1lT1iqvtK5E/YwjYDieE5y6OnMd5a2C:jl1hkqvteE/XlOnM+2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33d5fa9691d5f85df68db181968f15b6_JaffaCakes118

Files

33d5fa9691d5f85df68db181968f15b6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f294f76dbdb835984025804a8ed2f8c5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetCompressedFileSizeW
GetDateFormatW
GetDefaultCommConfigW
GetModuleFileNameA
OpenSemaphoreA
RtlUnwind
SetComputerNameA
SetFilePointer
SetHandleContext
SetThreadPriorityBoost

advapi32

AddAce
CryptAcquireContextA
CryptDuplicateKey
CryptEnumProviderTypesW
EqualPrefixSid
ImpersonateLoggedOnUser
LookupPrivilegeValueA
LookupSecurityDescriptorPartsW
NotifyBootConfigStatus
OpenBackupEventLogW
QueryServiceLockStatusW
QueryServiceStatus
RegConnectRegistryA
RegSetValueExW
RegUnLoadKeyW

user32

CopyImage
DrawTextExW
EditWndProc
EnumWindowStationsW
GetClipCursor
GetKBCodePage
GetWindow
GetWindowThreadProcessId
HiliteMenuItem
IMPQueryIMEA
PaintDesktop
SwitchDesktop
UnregisterHotKey

gdi32

CopyEnhMetaFileA
DeleteColorSpace
DrawEscape
GetCharABCWidthsW
GetTextFaceA
PolylineTo
SetICMProfileA
SetWorldTransform
SwapBuffers
TextOutA
UpdateColors
WidenPath

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE