7852c7f2ac9d380794e610f0116ee4a7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7852c7f2ac9d380794e610f0116ee4a7_JaffaCakes118
Size

375KB
MD5

7852c7f2ac9d380794e610f0116ee4a7
SHA1

124a78f2fa58e641eeff9ecbc6ba2159464c4744
SHA256

868e7b0f78991048311f1037fdb946b4cbf59c117028f4ea9e44bb4bd2beb182
SHA512

18d4b2e098283aa748df56f9f0627db993e52b5fd5e4e378ff99f0aada4fb935ad616e588c7f53cc960ed794fc783e958b8fe7da83e845c389ccdb0e69d6150a
SSDEEP

6144:RcbschHQn6pzyuRz2Z+n+Ywz6wYhw2mAsOMhMEf9Ax9SWMxBk2KEJ:R4HQnOOuRi4mzwhgfhMEfg9SWMxBk2KS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7852c7f2ac9d380794e610f0116ee4a7_JaffaCakes118

Files

7852c7f2ac9d380794e610f0116ee4a7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2941fa7166883d7f2a42046d63ec118d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
CreateFileW
GlobalUnlock
LoadLibraryW
CloseHandle
CreateThread
lstrcpyA
GetModuleHandleA
GetCurrentThreadId
UnmapViewOfFile
PulseEvent
GetSystemTime
Sleep
HeapCreate
GetComputerNameA
GetCurrentDirectoryA
GetCommandLineA
ResetEvent
LocalFree
lstrlenA

user32

FillRect
DispatchMessageA
SetFocus
IsWindow
GetDC
CallWindowProcA
GetCaretPos
CheckRadioButton
DrawEdge
GetDlgItem
DrawMenuBar
CreateIcon
CreateWindowExA

cryptui

WizardFree
CryptUIDlgSelectStoreA
CryptUIDlgCertMgr
CryptUIDlgSelectCA
LocalEnroll

appwiz.cpl

ConfigStartMenu

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 299KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ