825262055497de27ec2ef41ca0d4a7f9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

825262055497de27ec2ef41ca0d4a7f9_JaffaCakes118
Size

48KB
MD5

825262055497de27ec2ef41ca0d4a7f9
SHA1

4b76918899d8ca2a58072646d854a5d84d9049d2
SHA256

a9151c1d1318318f9ae76612256be69ac347eba2cbe729466f4221d50d0d7aa9
SHA512

3de3aadffbc8ef11ff02a62d931ae05d35d5bc1210d1251d7ff63aabe6a99dac3da9c2735565bd86ad5930755f84cb4be5c8672cecbb2bf50aa068102c0f5661
SSDEEP

768:zFpFP1DiQF/a6oo3P1PuOzeyn9U4zMsikRx14wK/UuuP6UDRvH7tuJxuOT9AwYfN:zFp9ge/a6owP9uLW64IsnEk6SRf7EJx4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
825262055497de27ec2ef41ca0d4a7f9_JaffaCakes118

Files

825262055497de27ec2ef41ca0d4a7f9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

10ea5d016a1e33430e1113de25b1ac67

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BuildCommDCBAndTimeoutsW
CreateThread
DisableThreadLibraryCalls
ExitProcess
GlobalAddAtomW
GlobalAlloc
GlobalMemoryStatus
LocalSize
SetConsoleActiveScreenBuffer
TryEnterCriticalSection
_lwrite

advapi32

CryptAcquireContextW
CryptGetKeyParam
GetAuditedPermissionsFromAclA
GetCurrentHwProfileW
GetExplicitEntriesFromAclW
LogonUserW
QueryServiceObjectSecurity
RegEnumValueW

shell32

Control_FillCache_RunDLLA
ExtractIconA
FreeIconList
SHGetFileInfoA
SheGetDirW
SheRemoveQuotesW
Shell_NotifyIconW

gdi32

EndPath
FrameRgn
GetLogColorSpaceW
GetObjectW
PtInRegion
RealizePalette
SetMiterLimit

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 47KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE