Static task: static1
Behavioral task: behavioral1
Sample: 447e54c4ae1644a4c13a894444caf27f_JaffaCakes118.exe
Resource: win7-20240704-en
General
Target: 447e54c4ae1644a4c13a894444caf27f_JaffaCakes118
Size: 14KB
MD5: 447e54c4ae1644a4c13a894444caf27f
SHA1: 6e053240627c60b79bad3c18b744827e4f036ce4
SHA256: 0f4cc919c1e5bd461c2a8de8f5baaed667371bba82e250f24a73bd451b906596
SHA512: ff8552ba1adacdd8324bf0ed4f28528d649fdb4417f08a8b53dc5335e7d31a77df3e03b650027dde3ba0ebd374b0fc37e34027ea8693726b6fc076c53b324885
SSDEEP: 384:bxW2itJbsfNdlF1LSVIAC+mrOsVJ8U6ua:d+JbsFdBSmACpr9VJpQ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 447e54c4ae1644a4c13a894444caf27f_JaffaCakes118
Files
447e54c4ae1644a4c13a894444caf27f_JaffaCakes118.exe windows:4 windows x86 arch:x86
ec08d0ffab52ca2adbc3a12b55c19bef
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
DefineDosDeviceW
ExitProcess
GetLongPathNameW
GetSystemInfo
LocalHandle
ReadFileEx
RequestWakeupLatency
SetDefaultCommConfigA
SetDefaultCommConfigW
SetFileApisToOEM
advapi32
AdjustTokenGroups
BuildTrusteeWithNameA
CryptDuplicateHash
GetCurrentHwProfileA
GetCurrentHwProfileW
GetFileSecurityA
GetNamedSecurityInfoExA
GetSidLengthRequired
IsTextUnicode
LookupPrivilegeNameA
RegCreateKeyExW
gdi32
CloseMetaFile
CreateFontW
EnumFontFamiliesA
EnumFontFamiliesExA
GetDeviceGammaRamp
SetRectRgn
Sections
.text Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE