38237f18f3eb4bdb17836b7d3b1c4e3b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

38237f18f3eb4bdb17836b7d3b1c4e3b_JaffaCakes118
Size

23KB
MD5

38237f18f3eb4bdb17836b7d3b1c4e3b
SHA1

c475632853fdfd66650892a5c8aaaf9e1ab60b19
SHA256

ec28a3a70b661bf3d41f9706eb6d9d220bbc2f1e1bfe584d2df90316e1b8c6d6
SHA512

0b3f8df900f2fcf8762e8b8d1d00e10fb6c8ae8c08a6a0e7b99d1ad8b78d8db33a3b608f159c440c96b63f830b39f3534b22af2eb067b51c0cba33b33043e36c
SSDEEP

384:+1MVSN+54sEj1MJ7OgOfgt4asu/fmacPKfFMDVhCLybjwoPuB:+1MUE54sgKxOfgt4ju/+FoCDVhAGG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38237f18f3eb4bdb17836b7d3b1c4e3b_JaffaCakes118

Files

38237f18f3eb4bdb17836b7d3b1c4e3b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4d66ea001ed9276d573821fd09905cb7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMailslotA
CreatePipe
DefineDosDeviceW
ExitProcess
FreeEnvironmentStringsA
FreeLibrary
InterlockedDecrement
MoveFileExW
ReadConsoleOutputW
RemoveDirectoryA
RequestDeviceWakeup

advapi32

CryptGenKey
CryptGetHashParam
GetEffectiveRightsFromAclA
GetMultipleTrusteeA
GetSecurityDescriptorControl
GetSecurityDescriptorDacl
GetSecurityDescriptorSacl
LookupAccountNameW
LookupPrivilegeNameA
RegNotifyChangeKeyValue
RegUnLoadKeyW
SetThreadToken

user32

CreateCursor
DdeConnect
DdeQueryStringA
DdeUninitialize
FlashWindow
GetAsyncKeyState
GetDesktopWindow
GetDlgItem
GetSystemMetrics
IMPQueryIMEA
InsertMenuW
LookupIconIdFromDirectoryEx
OffsetRect
RemoveMenu
SendDlgItemMessageW

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE