47d2d14711b98df8c0860d0b5c1ed343_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

47d2d14711b98df8c0860d0b5c1ed343_JaffaCakes118
Size

960KB
MD5

47d2d14711b98df8c0860d0b5c1ed343
SHA1

6759cda2f677e76b286ccc96ca16ac1b9a326165
SHA256

aba0a598acd1e138d00168cf191bc16326d9bbc95d273c5633d2fa576af65b21
SHA512

81961d840f1dd1eb8e4ca0c839e6c0aa82bde8a04e2c5e72c719014fb07035acc0267fb14591495a2e8eb5d5dac25ef0fed818735f7663b1a1e07af0a52e9db7
SSDEEP

24576:mVl7aIeupqp7wgBbfG5eYiAaJgX/soFy3GM:mVl7dgsgBikYiA8gXlM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47d2d14711b98df8c0860d0b5c1ed343_JaffaCakes118

Files

47d2d14711b98df8c0860d0b5c1ed343_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3d39bfee9d80cd496799d29877586f03

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

UtGetDvtd32Info
CoBuildVersion
StringFromCLSID

advapi32

CreatePrivateObjectSecurity
GetNamedSecurityInfoW
RegCreateKeyA
GetMultipleTrusteeW
QueryServiceObjectSecurity

kernel32

HeapCreate
CallNamedPipeW
PeekNamedPipe

user32

DrawTextExW
DrawTextExA
GetClassNameW
GetTabbedTextExtentA

msvcrt

_wfullpath
_memicmp
ldiv

Sections

.text
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.init
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ