73e9cf2d44894ec8e7e6104cd51e281d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

73e9cf2d44894ec8e7e6104cd51e281d_JaffaCakes118
Size

52KB
MD5

73e9cf2d44894ec8e7e6104cd51e281d
SHA1

8838087a93ce2be89ef6c9f6dfa23316ea9b543d
SHA256

77b10198b0ec176dfb77ad1e7a3f0a2b48069693eb02e5fa4e3bbda3531f4b24
SHA512

9836a87583a15569ac9892226f1d6b2292d2e189b181eed9eb32f8cb7034400f811672b169f39c62fc2adec3598c7c9bef9fdb5021cf0bcd0d81ce3d74579a6b
SSDEEP

768:M7timYhL+FtRgIxVPc3QTigyGkz6SU8hn/6WeP641jKKiXr7YoTg7/NNov2:6hEL+FtBYQTFkP6WejKvY4g7/NI2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73e9cf2d44894ec8e7e6104cd51e281d_JaffaCakes118

Files

73e9cf2d44894ec8e7e6104cd51e281d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1da80e99f462b4c05df52e4d8d72f20e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
EnumResourceTypesW
ExitProcess
FindFirstChangeNotificationW
GetFileSize
GetNumberFormatA
GetPrivateProfileSectionW
GetThreadTimes
HeapLock
IsDebuggerPresent
SetComputerNameW
SetStdHandle
WriteConsoleInputA
WriteConsoleOutputCharacterW

advapi32

AllocateAndInitializeSid
BuildTrusteeWithSidW
ControlService
CryptSetProviderExA
GetNamedSecurityInfoW
GetNumberOfEventLogRecords
GetSecurityDescriptorControl
RegGetKeySecurity
RegNotifyChangeKeyValue
RegReplaceKeyA
RegUnLoadKeyW
RegisterEventSourceA
SetThreadToken

user32

CopyAcceleratorTableW
CreateMDIWindowA
DragDetect
GetKeyState
GetOpenClipboardWindow
IMPSetIMEA
SetClipboardViewer
SetScrollRange
SetWindowLongW

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE