74368fa0320c3223bd53ac856dd52cc7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

74368fa0320c3223bd53ac856dd52cc7_JaffaCakes118
Size

130KB
MD5

74368fa0320c3223bd53ac856dd52cc7
SHA1

eb815a5ee5335541a6fe388f37f32859031564a3
SHA256

f3aa6676d4e83c97eb11a4a6f007a7a0b5d521b599abb35b4ddfdf6737b14cf6
SHA512

0f0138f416f030e62bb297bab74a6f92afc1e0368bf3b6565c2e1a19068e3abd30ffdb8ff061263d957c663145d8ba67dfaed7537f4042acbb98b7e1c2f4866c
SSDEEP

3072:JQfCUWh3Obpj6fUXTJXkNApgSKrq4IPqAOt:oCUWkb9JmCpgS0q4IPFO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74368fa0320c3223bd53ac856dd52cc7_JaffaCakes118

Files

74368fa0320c3223bd53ac856dd52cc7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

54ee8361a167c3154cc1ce29645ec2fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadReadPtr
ResetEvent
TlsGetValue
FreeConsole
GetModuleHandleA
IsBadStringPtrA
GetLastError
SetLocalTime
GetCommandLineA
EnumResourceTypesW
CloseHandle
FindClose
LocalFree
GetDriveTypeW
SetLastError
GetDateFormatA
CancelIo
LoadLibraryExW
GetDiskFreeSpaceExA
VirtualProtect

advapi32

CloseEventLog
RegEnumKeyExA
LsaFreeMemory
AccessCheck
OpenEventLogA
FreeSid
RegCreateKeyExA
GetLengthSid
GetFileSecurityW
LsaClose
CloseTrace
RegCloseKey
IsTokenUntrusted
RegCloseKey

hnetcfg

HNetFreeSharingServicesPage
HNetDeleteRasConnection
DllGetClassObject
HNetGetSharingServicesPage
DllRegisterServer

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ