5d928a2afb9729899c39f28310410f71_JaffaCakes118 | Triage

Sharing

General

Target

5d928a2afb9729899c39f28310410f71_JaffaCakes118
Size

40KB
MD5

5d928a2afb9729899c39f28310410f71
SHA1

ba4815c81a5408c42db06b2f9ae1ff36cbb9cf13
SHA256

1ec2014121125ec0842988a1a04c7ec5857139c22791cb9145fd14afb10a7fc2
SHA512

4af4744bfba431d8384284c2292dfe410e02e623d4abca6bd27602f20873af723c676e85254195e2701ecdf1d69199e2a780fa1a65f407e99d6a97cf4b3ea0ce
SSDEEP

768:CrCyUIYJ1mLQD/FZ43O/1X30HvqJCwS9TecrPlSHo3uEosoLL0L:CrRJYJ8sD/FlBJA9ycrPoI33uL0L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d928a2afb9729899c39f28310410f71_JaffaCakes118

Files

5d928a2afb9729899c39f28310410f71_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a86c9285167d74611aea3137c0eeb4d5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ClearCommError
ExitProcess
GetCalendarInfoA
GetLogicalDriveStringsW
GetLongPathNameW
GetOEMCP
GetStringTypeExA
GetTimeFormatW
ReadConsoleOutputA
SetHandleContext
lstrcatA

advapi32

ChangeServiceConfigA
GetAccessPermissionsForObjectW
GetAce
GetCurrentHwProfileW
GetFileSecurityA
GetMultipleTrusteeA
GetMultipleTrusteeW
LookupPrivilegeDisplayNameA
LookupPrivilegeDisplayNameW
OpenBackupEventLogW
OpenEventLogA
RegDeleteValueA
ReportEventW

user32

CharToOemBuffW
CloseWindowStation
DdeCmpStringHandles
DdeCreateStringHandleA
DdeNameService
GetUpdateRect
IsRectEmpty
LoadAcceleratorsW
LoadMenuIndirectW
RedrawWindow
SetMenuInfo

shell32

DragQueryFile
DragQueryPoint
ExtractAssociatedIconA
ExtractAssociatedIconExW
ExtractIconEx
ExtractIconResInfoW
FindExecutableA
FindExecutableW
FreeIconList
SHBrowseForFolder
SHEmptyRecycleBinW
SHGetPathFromIDListW
SHLoadInProc
SheShortenPathA
ShellExecuteExA

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE