Static task
static1
Behavioral task
behavioral1
Sample
388dc03cb56f116047cb2b396bdeaadd_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
388dc03cb56f116047cb2b396bdeaadd_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
388dc03cb56f116047cb2b396bdeaadd_JaffaCakes118
Size
52KB
MD5
388dc03cb56f116047cb2b396bdeaadd
SHA1
998b448bb721789e8f3615744c267d37f2188daa
SHA256
83eccc96d7a1f26ca446eac62cd18925bb696e5715aa34f6fca8bc119bbc8e81
SHA512
f9e4cd182f5dab11efe6b61dc22b5da286eff768fd2664e5f4c18b67fc875cafdbe0b95be355a8cd40a41289961729f247b6f7b6b7ee8491fb72061ac7c3a187
SSDEEP
768:+A7T9IgDlGnULM95dTJw2pSLo+LXnyfhxiN+XXo6PGr3Ts7:R7PBGnULuDJmzCiNeXo6Ovg
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 388dc03cb56f116047cb2b396bdeaadd_JaffaCakes118
Files
388dc03cb56f116047cb2b396bdeaadd_JaffaCakes118.exe windows:4 windows x86 arch:x86
0743e700b8dec9993b9b9bf276c4b7e0
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
AllocConsole
DeleteCriticalSection
EnumResourceTypesA
ExitProcess
FoldStringA
GetProfileStringW
GetTapeStatus
GetTempFileNameW
ResumeThread
UnhandledExceptionFilter
lstrcmpi
advapi32
AbortSystemShutdownA
CreatePrivateObjectSecurity
CryptGenKey
CryptSignHashW
GetMultipleTrusteeW
GetSecurityInfoExW
GetSidSubAuthorityCount
IsTextUnicode
user32
CharLowerW
DestroyAcceleratorTable
DestroyMenu
InsertMenuItemW
IsIconic
OffsetRect
SendMessageTimeoutA
SetUserObjectSecurity
wvsprintfA
shell32
Control_FillCache_RunDLLA
DllCanUnloadNow
DoEnvironmentSubstW
DragQueryFileW
ExtractIconExW
SHFileOperationA
SHHelpShortcuts_RunDLL
SheFullPathA
Sections
.text Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 49KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE