Static task
static1
Behavioral task
behavioral1
Sample
41f6bd9af3938c101bf2e3328158832e_JaffaCakes118.exe
Resource
win7-20240708-en
General
Target: 41f6bd9af3938c101bf2e3328158832e_JaffaCakes118
Size: 10KB
MD5: 41f6bd9af3938c101bf2e3328158832e
SHA1: 79f0d4c39b9e9416de19342ec5726650f7f3e9cb
SHA256: c469f2162fae524eeaa009a9520055596c2fda4823b66900b4da7c46c18f911f
SHA512: 2ee431c6810a45450728c1f0ada9adf47b4becb3375d9219ad0dfbbbc2232b3f06dba3c248af136db3b5971f980e911956d56211d41ee0211cf61cf5da0845c1
SSDEEP: 192:+ok3bu8nB5cPMYRHj7zNU3W2AsaFabe93AAp6Gagt+Z0wY:+Xu8BeTRHj7hU3VAuK/+ZRY
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 41f6bd9af3938c101bf2e3328158832e_JaffaCakes118
Files
41f6bd9af3938c101bf2e3328158832e_JaffaCakes118.exe windows:4 windows x86 arch:x86
095d8a5a06b1aa538c561b28bf673aac
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
BuildCommDCBW
CancelDeviceWakeupRequest
ExitProcess
FindFirstChangeNotificationW
GetCurrencyFormatA
GetCurrencyFormatW
GetLongPathNameA
GetSystemDirectoryW
GetTapeParameters
GetVolumeInformationW
InitAtomTable
IsDBCSLeadByteEx
ResetEvent
SearchPathW
SetUnhandledExceptionFilter
SetupComm
WaitNamedPipeA
WritePrivateProfileSectionA
advapi32
ClearEventLogA
ConvertAccessToSecurityDescriptorA
CryptGetProvParam
CryptReleaseContext
IsValidAcl
LookupPrivilegeNameA
RegEnumValueA
RegEnumValueW
RegQueryValueExA
RegSetKeySecurity
SetEntriesInAuditListW
gdi32
Chord
ExtTextOutW
GdiFlush
GetClipBox
GetICMProfileW
GetOutlineTextMetricsW
GetStockObject
GetTextExtentExPointW
Pie
PolyTextOutA
Polyline
SetMapMode
SetRectRgn
SetViewportOrgEx
UnrealizeObject
UpdateICMRegKeyW
Sections
.text Size: 512B - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1024B - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE