680ab65467f269c17bf62a5a93c7efdc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

680ab65467f269c17bf62a5a93c7efdc_JaffaCakes118
Size

25KB
MD5

680ab65467f269c17bf62a5a93c7efdc
SHA1

97bcd56d3eaee419ae1759aafd73b6b255e24e95
SHA256

f85191064adf2a1f607dcdd4b1fb8ab3c27281450b7864d897ddff680b1a1bc8
SHA512

bffb33eeb063b1078309516b5376a1d00b681bc79fdb610e862ce85ad54862a3c6e7423488c046a21bd07fa4e9e06968345b0f7b30913c9b78cf28d3fd90cb22
SSDEEP

384:6RDKkCpuPBx2MzSsXk5r3XmqO/h1T4M3dfdCu8VwAHzeGOK3kQk4ibG:6RDKkCQj2CSv3l673pU3HKGOK3TkDbG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
680ab65467f269c17bf62a5a93c7efdc_JaffaCakes118

Files

680ab65467f269c17bf62a5a93c7efdc_JaffaCakes118
.exe windows:1 windows x86 arch:x86

e2c69898e19633e9830253504d1e2896

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ElfDeregisterEventSource
CryptGetKeyParam
FindFirstFreeAce
GetSecurityDescriptorDacl
GetTokenInformation

kernel32

ClearCommBreak
ConvertThreadToFiber
CreateEventA
CreateMutexA
DefineDosDeviceA

Sections

.text
Size: 18KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE