66f4679ef6f511b2f377d34cc96c2f4c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

66f4679ef6f511b2f377d34cc96c2f4c_JaffaCakes118
Size

361KB
MD5

66f4679ef6f511b2f377d34cc96c2f4c
SHA1

49fd5854d7987cc6527e2f5f3dc74468519cfb6c
SHA256

1e7985ae6701b1d1158c0b82de1cf2bfbf25c31100e33b02a3b58fa0d1cc66ee
SHA512

e32e6192b99c7122ed96c53b6467428731aa155dea113623e82c0fbfb2496bf3b996cc83dd4d89f50a8d0d55499fda978fecfed620e7a2823e37579922c463c5
SSDEEP

6144:nIpIOdvgE/dn1TIXrRGeNvX8bGK3n2kIRag3EdglahMtl2OE+wTMCXsn:IpNd/dn1IFK3ndgWglahfWwTen

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66f4679ef6f511b2f377d34cc96c2f4c_JaffaCakes118

Files

66f4679ef6f511b2f377d34cc96c2f4c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d8193fbd696d199567e962696ea59c03

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindAtomA
DeleteCriticalSection
CreateMutexA
VirtualProtect
TlsGetValue
ReleaseMutex
FindResourceExA
FindVolumeClose
GetTickCount
GetLastError
SearchPathA
CreateThread
CloseHandle
FindClose
GetModuleHandleA
lstrlenA
SetEvent
GetCalendarInfoA
Sleep
GetSystemInfo

user32

GetUpdateRect
IsIconic
CreateMenu
GetMessageA
CloseWindow
GetKeyState
DispatchMessageA
CopyImage
EnableWindow
DragDetect
DialogBoxParamA
GetScrollBarInfo
CreateWindowExA
EndDialog

polstore

IPSecCopyNFAData
IPSecAllocPolStr
IPSecFreePolStr
IPSecAllocPolMem
IPSecAssignPolicy

advapi32

RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ