41d4038e9b733128bb80dc0e9ca06098_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

41d4038e9b733128bb80dc0e9ca06098_JaffaCakes118
Size

18KB
MD5

41d4038e9b733128bb80dc0e9ca06098
SHA1

00c2d905aa4e5839c6ef580d1161faa29948b971
SHA256

a10e646325b788af131e6cf7dfc5c74b3638c1654f6aade3f66e39b86b1840a3
SHA512

ad55c8687070133c983c15959e0d49c9679ba7b520649343e375975d4c15da50cc28e7a66c6c4afdb433b274b1ae51a8a536cc5976c3b9e49fd54fbb716ab138
SSDEEP

192:jm3iLnLu5ck9fWviODnTX71K1IzrS+L6iKYVP7zM6ZoOeJ9fAT:jbnuVWvDTXJKIzrS+OiKYhM6u9fAT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41d4038e9b733128bb80dc0e9ca06098_JaffaCakes118

Files

41d4038e9b733128bb80dc0e9ca06098_JaffaCakes118
.exe windows:48637 windows x86 arch:x86

b5577bd33cedb1ec23397bbbe6d2e2dd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

PtInRect
SetWindowTextW
DestroyIcon
DestroyMenu
IsIconic
SendDlgItemMessageW
EnableMenuItem
GetMessageW
LoadCursorW
PostMessageW
GetDC

advapi32

GetTokenInformation
InitializeSecurityDescriptor
RegEnumKeyExW
CloseServiceHandle
RegDeleteValueW
RegSetValueExW
InitializeSecurityDescriptor
RegQueryValueExA
FreeSid

gdi32

GetObjectW
StretchBlt
TextOutW
SetTextColor
CreateCompatibleDC
CreateCompatibleDC
CreateSolidBrush
CreateBitmap

shell32

ExtractIconW
SHChangeNotify
Shell_NotifyIconW
ExtractIconW
ExtractIconExW
ShellAboutW
SHGetDesktopFolder
ShellExecuteExW
SHGetPathFromIDListW

kernel32

VirtualAlloc
LoadLibraryA
GetModuleHandleA
GetCurrentProcessId
ExitProcess
GetCommandLineA
GetACP

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ