48aad6fc2c8fe3d07951a4cdea5ee614_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

48aad6fc2c8fe3d07951a4cdea5ee614_JaffaCakes118
Size

36KB
MD5

48aad6fc2c8fe3d07951a4cdea5ee614
SHA1

1fa408de72625ca02ab1108ffcb1f71781f929b0
SHA256

b63e67f736fa9baddcbc7cb8c955f8b888cb2479e490037f5d10a4588521e22d
SHA512

35c8f4aad26063d8c0b7ee18241ca21166c1dc46817f0598dec1385beda6cb22a3212d7cbacc6a0b3c936c30c01300040e0f868babef289f629637104dda1d11
SSDEEP

768:hs2Xt+uk9KM/LmzIwEUy72wTtockI1k4vXF:hZ3k9KaCzHErqQtoctk4vXF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48aad6fc2c8fe3d07951a4cdea5ee614_JaffaCakes118

Files

48aad6fc2c8fe3d07951a4cdea5ee614_JaffaCakes118
.exe windows:4 windows x86 arch:x86

26b7462398a4952e826509e4a2ffb8bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
UTUnRegister
GetCPInfoExA
InitAtomTable
GetConsoleTitleW
EnumResourceNamesW
SearchPathA
BasepCheckWinSaferRestrictions
GetComPlusPackageInstallStatus

user32

GetCaretPos
GetWindowInfo
RegisterClipboardFormatW
ChangeDisplaySettingsA
OpenDesktopW
EnumWindowStationsA
DeleteMenu
SetCapture
GetLastActivePopup

advapi32

ElfReportEventW
LsaEnumerateAccounts
EqualDomainSid
SystemFunction024
CreateProcessWithLogonW
SystemFunction007
LsaFreeMemory

shell32

SHGetNewLinkInfoA
DAD_SetDragImage
SHUpdateRecycleBinIcon
SHFlushSFCache
SheChangeDirExW
DllGetClassObject
Control_FillCache_RunDLLA
SHAddToRecentDocs

Sections

.text
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE