4575dd41cea84550357640af55660d74_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4575dd41cea84550357640af55660d74_JaffaCakes118
Size

51KB
MD5

4575dd41cea84550357640af55660d74
SHA1

f236c1b16cdeaba7d6e8540089b85d52269542aa
SHA256

75f623555622b4a77d330e8774b50c0a6883a7dfb00d6b7b445957428925f831
SHA512

17d5a0efbdf8c3977fb5a700e326f20390443cf4a3f054ba421df8be76caca36653a28d846977640a61b36ff7216df2508216cc238154c49f734cea27ce4e24c
SSDEEP

1536:umo8E7F+tjL3GhJhgFjDY3kMytEbJUsJUplYNtaf:um8SWhQjDykMyCbJUsipln

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4575dd41cea84550357640af55660d74_JaffaCakes118

Files

4575dd41cea84550357640af55660d74_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bf5f04ef713270844f7bf4fdea6c227e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
CreateSemaphoreA
EnumSystemCodePagesW
ExitProcess
GetDateFormatA
GetLocaleInfoW
GetWindowsDirectoryA
IsDBCSLeadByte
ReadConsoleA
TerminateThread

advapi32

AbortSystemShutdownW
AddAccessDeniedAce
BackupEventLogA
BuildImpersonateExplicitAccessWithNameA
CloseEventLog
CryptDecrypt
CryptSignHashW
GetOverlappedAccessResults
GetSecurityDescriptorGroup
RegEnumValueA
RegNotifyChangeKeyValue
ReportEventW
SetFileSecurityW
StartServiceCtrlDispatcherW

user32

BringWindowToTop
CopyIcon
DdeClientTransaction
DefFrameProcA
EnumDesktopWindows
FindWindowExA
GetMenuDefaultItem
GetScrollPos
GetSysColorBrush
IMPSetIMEA
RegisterWindowMessageW
SetWindowWord
ShowWindow
ToUnicode

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE