6ae0b280033d19203726f8d2030f892c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6ae0b280033d19203726f8d2030f892c_JaffaCakes118
Size

60KB
MD5

6ae0b280033d19203726f8d2030f892c
SHA1

296f15fd2a65f621667a8e2f8f790031750b06f1
SHA256

4f730bf431b018e96b8026d598c060313d25ed301e449aaed43da14a68d5aa63
SHA512

6a82b55350ec034e8f717a7baa59f4dd4b9f4247e87c27ede4e90678d1f9f934acd1fdb598bd0a9e0f4964d486b9b9177794547d51216a93e50bf593424bafd2
SSDEEP

1536:1e9xhW6zbIoqQiXzuF+f22+DQz7EGF2DJi:yv7DiXqFIHwQz7XKJi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6ae0b280033d19203726f8d2030f892c_JaffaCakes118

Files

6ae0b280033d19203726f8d2030f892c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

20e91f8f00fa5373fc9a49848ba20fb5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateSemaphoreW
EscapeCommFunction
ExitProcess
FoldStringA
GetExitCodeThread
GetFileType
GetHandleContext
GetProfileIntW
PeekNamedPipe
SetCommMask
SetCurrentDirectoryA
WaitForSingleObjectEx
WriteProcessMemory

advapi32

AddAccessDeniedAce
BuildSecurityDescriptorA
CryptExportKey
FreeSid
GetCurrentHwProfileW
GetNamedSecurityInfoExW
GetSecurityInfo
OpenSCManagerA
RegRestoreKeyW

user32

BroadcastSystemMessageA
CharToOemW
DdeEnableCallback
EnumDesktopsA
GetClipboardOwner
GetOpenClipboardWindow
HiliteMenuItem
IsDialogMessageW
KillTimer
RemovePropW
SendMessageCallbackA
SetWindowLongW
TileChildWindows
UnloadKeyboardLayout

Sections

.text
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE