3552fa482ee752a6ed1fc32aae55e843_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3552fa482ee752a6ed1fc32aae55e843_JaffaCakes118
Size

394KB
MD5

3552fa482ee752a6ed1fc32aae55e843
SHA1

7985d35b4f320e8411fb646fd05cc1f0c0487ef7
SHA256

30ca5efa5e72f90f7866bc3413665255fe24f0ec7f49a52e29b9592b722645ef
SHA512

2c36c484de7efad639a8117ab715a2ae9919a0a31e4c1988954a4666c860ce24c662ed683d23bd7aea00c86939553c9d5470d97149b1a9d9a7178a8087c9238c
SSDEEP

6144:CuooUZziW42GJHeObdfkavaQ/zmTVUzlThHKpNskKGv4LsXI21cAw0Cnj8ZiP:CiWVKHZeEXWprKbcI21c/Rnjgq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3552fa482ee752a6ed1fc32aae55e843_JaffaCakes118

Files

3552fa482ee752a6ed1fc32aae55e843_JaffaCakes118
.exe windows:5 windows x86 arch:x86

26c8bef2fd7bc175ae32cd68e8decd5f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ControlService
GetLengthSid
GetTokenInformation
RegDeleteKeyA
GetKernelObjectSecurity
CreateProcessAsUserA
RegCreateKeyA
RegOpenKeyA
GetSidSubAuthorityCount

user32

FindWindowExA
WindowFromPoint
CheckMenuItem
DefDlgProcA
GetUserObjectSecurity
MessageBoxA
InsertMenuA
SendMessageA
BeginDeferWindowPos

msvcrt

_stat
_ltoa
atol
realloc
_beginthreadex
_wcsicmp
_except_handler3
wcsncat
_wctime

kernel32

GetStartupInfoA
HeapFree
GetFileAttributesA
FreeEnvironmentStringsA
DeviceIoControl
GetLastError
IsDebuggerPresent
HeapDestroy
GlobalUnlock
DuplicateHandle
VirtualFree
CreateThread
GetFileType
WaitForSingleObject
SetEnvironmentVariableA
SizeofResource
WriteFile
FindFirstFileA

gdi32

CreateRectRgnIndirect
StartDocA
SetBkMode
CreatePen
Ellipse
DeleteObject
ExtTextOutA
CreateSolidBrush

ole32

CoUnmarshalInterface
CoSuspendClassObjects

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ