7206ae9c378c8117c336570af5272996_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7206ae9c378c8117c336570af5272996_JaffaCakes118
Size

51KB
MD5

7206ae9c378c8117c336570af5272996
SHA1

c7a8aa18e44f754ebb0643b5b67632cdbbe5b3e1
SHA256

f93e976eb8f037d7afb4f3b606bd883dc1a88e0f033e2b4852985d9f41df31e7
SHA512

ca04bd88478c80069127c290489bf010f01fc1bbab276feb540c3f9ed77e11ec74aa6ac8d09e0291a046484ed8c5e91621f033019bf0bace7ed407c443f7658c
SSDEEP

768:BWlWSiJXtSE45wqsrywljSLblMR1nNgIXOMXgDiNujxWhu6D+bZbEYP/SIpCvkjH:BWlWSqdS4qJwSxMjnNds8ujq+FH/sOP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7206ae9c378c8117c336570af5272996_JaffaCakes118

Files

7206ae9c378c8117c336570af5272996_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3791b5a21bd0b9188cda9668265f2b5d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CallNamedPipeW
EnumCalendarInfoExW
ExitProcess
GetCommProperties
GetCommState
GetConsoleTitleA
GetNamedPipeHandleStateA
IsProcessorFeaturePresent
MapViewOfFileEx
SetHandleCount
SignalObjectAndWait
WritePrivateProfileStringW

advapi32

CloseServiceHandle
CryptDuplicateHash
CryptEnumProvidersW
CryptHashData
CryptReleaseContext
EnumServicesStatusW
GetAccessPermissionsForObjectA
LookupPrivilegeDisplayNameW
NotifyBootConfigStatus
OpenEventLogA
RegQueryValueExW
SetEntriesInAclW
StartServiceCtrlDispatcherA

user32

CallNextHookEx
CheckRadioButton
ChildWindowFromPoint
CreateIconFromResourceEx
DdeKeepStringHandle
DlgDirListComboBoxA
DrawCaptionTempA
EnableMenuItem
GetClipboardOwner
GetKeyboardState
IMPSetIMEA
InsertMenuW
InvalidateRgn
IsCharUpperA
ShowWindow

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE