4b4d1ce315f78cc9475934f5e1251f4a_JaffaCakes118 | Triage

Sharing

General

Target

4b4d1ce315f78cc9475934f5e1251f4a_JaffaCakes118
Size

19KB
MD5

4b4d1ce315f78cc9475934f5e1251f4a
SHA1

09b2d9499d9f1a23467c3f95ca830ba0657f79b9
SHA256

dcae78be09362f839147ecd368fba0b85940af9d1e832fb2c735ba9247cd4ac5
SHA512

2542ea434cc09f2e66700de8c49aaca1552a2dc5e0fbf26bc9ebd7787f73ffbe2a751d3d51e710c4177d2ca3c96aa49da50985c2f21c0177ed8fd68918c22fe1
SSDEEP

384:pXuIa3hZGN11WLdf3hRj5dEkkqtbku8nw:p+d3G31WLdZRj57bku8nw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b4d1ce315f78cc9475934f5e1251f4a_JaffaCakes118

Files

4b4d1ce315f78cc9475934f5e1251f4a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

439f65f55ac630906a0ccbeab3e0c1a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
LockResource
LoadResource
SizeofResource
FindResourceA
GetModuleHandleA
GetSystemDirectoryA
WaitForSingleObject
SetThreadPriority
CreateThread
TerminateProcess
WriteFile
CreateEventA
OpenEventA
OutputDebugStringA
Process32Next
Process32First
CreateToolhelp32Snapshot
Thread32Next
Thread32First
Sleep
GetModuleFileNameA
LoadLibraryA
ExitProcess
GetWindowsDirectoryA
CreateFileA
GetFileTime
SetFileTime
GetCurrentProcess
OpenProcess
CloseHandle

user32

GetWindowTextA
EnumThreadWindows
GetWindow
FindWindowA
SendMessageA
PostMessageA
CheckDlgButton
CheckMenuItem
CheckMenuRadioItem
CheckRadioButton
CloseDesktop
GetDC
GetDCEx
GetCursor
wsprintfA
GetClassNameA

gdi32

Chord
CancelDC
CloseEnhMetaFile

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyExA
RegCloseKey
RegSetValueExA
OpenProcessToken

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ