660816ee3e8b54b7177a45198fc675fe_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

660816ee3e8b54b7177a45198fc675fe_JaffaCakes118
Size

42KB
MD5

660816ee3e8b54b7177a45198fc675fe
SHA1

d13e600902767bed66db837b7a56f0fb9ef62aed
SHA256

f4f79b4c40105e7b4da0286770018ede6c5a1a7c0d36f82cd52491f75a3011e6
SHA512

ca62ac3be89dc0f1d7a7b0cce79f427b44404283e2c9bb9eff7f6d1fec93ef33177ae815995244da3f736e713270e62b05c37a72e01411328ec704b590a5aea6
SSDEEP

768:+alqIlfjEvpfxeUiap8BZH7Ad6th47Zk7gSAMdOKYGKTcZ562jbRBwmHUKFCYqZt:vlqIlf2pfxeWp8Xjth49qRAMOfTahjbU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
660816ee3e8b54b7177a45198fc675fe_JaffaCakes118

Files

660816ee3e8b54b7177a45198fc675fe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e914fb2e643fb6075aa67b0017014bd1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumResourceNamesA
ExitProcess
GetProcessAffinityMask
IsBadWritePtr
IsProcessorFeaturePresent
LoadLibraryW
MapViewOfFile
MulDiv
OpenFileMappingA
PeekNamedPipe
RaiseException
SetConsoleMode
SetLocalTime
SetProcessWorkingSetSize
SetThreadPriorityBoost
WaitForMultipleObjects
WideCharToMultiByte
WriteConsoleA
WriteConsoleOutputA
_lcreat

advapi32

BuildImpersonateExplicitAccessWithNameW
BuildSecurityDescriptorW
CloseEventLog
CryptDestroyHash
CryptSetProviderExW
GetCurrentHwProfileA
GetLengthSid
GetPrivateObjectSecurity
MakeAbsoluteSD
NotifyChangeEventLog
ObjectDeleteAuditAlarmA
OpenEventLogA
RegConnectRegistryW
SetNamedSecurityInfoW
SetServiceBits

gdi32

CloseMetaFile
CreateDCA
EnableEUDC
FlattenPath
GetBitmapBits
GetBitmapDimensionEx
GetCharABCWidthsFloatW
GetLogColorSpaceW
GetTextAlign
StrokePath

Sections

.text
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE