692ec94f45ed395f3298128326f618a1_JaffaCakes118 | Triage

Sharing

General

Target

692ec94f45ed395f3298128326f618a1_JaffaCakes118
Size

459KB
MD5

692ec94f45ed395f3298128326f618a1
SHA1

9dc20aa1f0f6cb99f90592b21abc2518a3781469
SHA256

f76a5dfc6dd48a05aa303a624afc778a2a55063b1081e54f8673483a2a871f42
SHA512

df5c66a0f48d520557cea0fdada6589eb2d3e96bf84636ae699b9420c91011fe5edbc04f34c41399c96ff6e4b13b15aec06557b84c1aad8d1b076acbcd5ae6e1
SSDEEP

12288:vWUyj1XDAsXKzgDZAmz9Rp9MAtf0pgaVlq20S5:b01k6KEymzIppgaVkzi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
692ec94f45ed395f3298128326f618a1_JaffaCakes118

Files

692ec94f45ed395f3298128326f618a1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

90b152239f0bb076087565b25875d147

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CloseServiceHandle
OpenSCManagerA
LookupPrivilegeValueW
QueryServiceConfigA
InitializeAcl
LookupAccountSidA
RegDeleteKeyA

user32

GetClassNameA
TranslateAcceleratorA
InvalidateRect
SetCursor
GetMenuCheckMarkDimensions
GetWindowDC
LoadImageA

ole32

OleRegEnumVerbs
CoCreateGuid
CoIsOle1Class
CoGetStdMarshalEx
OleSetContainedObject
OleDraw
CoMarshalHresult
OleRun

msvcrt

_isctype
_strnicmp
wcsncpy
_chdir
wcsncmp
atol
exit
realloc

gdi32

StartPage
EndDoc
SetBkColor
MoveToEx
Rectangle
DeleteObject
SetTextAlign

kernel32

GetExitCodeThread
MultiByteToWideChar
GetModuleHandleA
lstrlenW
GetVersionExA
EnterCriticalSection
GetCurrentThreadId
GetLocaleInfoW
GetProcAddress
GetCurrentProcessId
SetEndOfFile
SetLastError
ReadProcessMemory
GetConsoleCP

Sections

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ