62cd813e2a43f0dd611affa8ec2b5471_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

62cd813e2a43f0dd611affa8ec2b5471_JaffaCakes118
Size

49KB
MD5

62cd813e2a43f0dd611affa8ec2b5471
SHA1

f97f1c7669bfe7372fee80493846acd0beb26a37
SHA256

bab5517c2cbaa4468366d43cf4d103c6442c2a642616775dce51f81a3856ae60
SHA512

c432a3b060b84c1e7211c34da5dbc374a016d0dbf31b65ad75dc240782b3ef31a64ef65b6698058b5c4d2affc26e547eb545827e7b2087da74fb9ac95931e8bd
SSDEEP

1536:e+kjJUQNs0fJa5ZfWJZCFJuDlk4mS2aIZV1YqS2a8h+:e+mZk5sUCS5S23ZVpSy+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62cd813e2a43f0dd611affa8ec2b5471_JaffaCakes118

Files

62cd813e2a43f0dd611affa8ec2b5471_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b276f36dc6dba98b2cb1247eb1b4d80d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EscapeCommFunction
ExitProcess
MoveFileA
SetHandleCount
UpdateResourceW
lstrcatW

advapi32

GetEffectiveRightsFromAclW
GetNamedSecurityInfoW
GetSecurityDescriptorOwner
GetSecurityDescriptorSacl
LookupAccountSidA
RegDeleteKeyA
RegLoadKeyA
RegisterEventSourceW
SetSecurityDescriptorSacl

user32

CloseWindow
DialogBoxParamW
GetTopWindow
MapVirtualKeyA
SetKeyboardState

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE