825307dc76ccc7c3e9979858182759e2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

825307dc76ccc7c3e9979858182759e2_JaffaCakes118
Size

40KB
MD5

825307dc76ccc7c3e9979858182759e2
SHA1

7489bb9b5021270451b599fecbac3616dc8b0cc4
SHA256

208e5e380c1f81922bee39f4c20d58a8f375628fe526f590d849ed5c13b458ea
SHA512

43fdf67b98a585fb3a5ef63969da182674cab0fafd5be08a14cd6dfc5464725456ca212013f5828298d8762a0d4a2f501e7f291f64f3c6dbc941626846ceef34
SSDEEP

768:+LRZrFH25DW22eDHIeGf1pM80FIS3x+lgq5IzUm4MdMyBhfrCdWuXk:0rFH2JBIn+FIYmKZ5Bhe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
825307dc76ccc7c3e9979858182759e2_JaffaCakes118

Files

825307dc76ccc7c3e9979858182759e2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7e0ba43c9846418d18b766a8f0f632f2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CancelWaitableTimer
ExitProcess
GetCommMask
GetCommandLineW
GetEnvironmentStrings
GetLargestConsoleWindowSize
GetModuleHandleW
GetProcessPriorityBoost
GetTapePosition
GlobalGetAtomNameW
LoadLibraryExA
MoveFileExA
ReadConsoleOutputCharacterA
SetTimeZoneInformation
WaitCommEvent

advapi32

CryptEnumProviderTypesW
CryptGetHashParam
CryptHashData
FreeSid
GetOverlappedAccessResults
LookupPrivilegeNameA
LookupPrivilegeValueA
QueryServiceLockStatusA
QueryServiceObjectSecurity
RegCreateKeyExW
RegLoadKeyA
RegOpenKeyExW
RegQueryInfoKeyA

gdi32

CreateBitmap
CreateDiscardableBitmap
EndPage
EnumICMProfilesA
GetBoundsRect
GetCharWidthFloatW
GetCharWidthW
GetColorAdjustment
GetMiterLimit
GetPixel
GetTextExtentPoint32A
GetWindowOrgEx
OffsetRgn
RoundRect

Sections

.text
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE