8434639e532ee1781b6898771a734c8c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8434639e532ee1781b6898771a734c8c_JaffaCakes118
Size

52KB
MD5

8434639e532ee1781b6898771a734c8c
SHA1

f7cf9b24f13524f2747da696f00058df5316ee2d
SHA256

c6e35114241b30589aa7d9e3a7b0761b9e33db888a666c5a6166019372b403c1
SHA512

268d91d2267476f353f06c86f3d0301a80d8de758c9ae749a2bdd4ef48764d8f0461769944fa26a7bc053e088afc69cfb0b9f8a525726424e72ae9f24703d319
SSDEEP

1536:8Y/1yyAzyD+W0nA40P22oLDEcQ3+qpeqf:8Vtz6+WUjaKLDEz1peqf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8434639e532ee1781b6898771a734c8c_JaffaCakes118

Files

8434639e532ee1781b6898771a734c8c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f24c77aee54f86c11f08c0c40569e5a2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileExW
ExitProcess
GetCurrentDirectoryA
GlobalSize
PostQueuedCompletionStatus
TlsAlloc

advapi32

ConvertSecurityDescriptorToAccessA
CryptEnumProviderTypesA
GetAccessPermissionsForObjectW
GetNamedSecurityInfoExW
GetSidSubAuthority
LookupAccountNameA
ObjectPrivilegeAuditAlarmA
OpenSCManagerA
QueryServiceLockStatusA
RegConnectRegistryW
RegEnumKeyA
RegReplaceKeyW
RegSetKeySecurity
SetNamedSecurityInfoA
SetServiceObjectSecurity

user32

CharToOemA
CreateWindowStationW
DdeFreeDataHandle
DdePostAdvise
DdeUnaccessData
GetClassInfoExA
LoadIconA
LoadKeyboardLayoutA
LockWindowStation
MessageBoxIndirectA
OpenDesktopA
RealGetWindowClass
SetFocus
UserClientDllInitialize

shell32

SHGetDataFromIDListW
SHGetDesktopFolder
SHGetFileInfo
SheConvertPathW
Shell_NotifyIconW

gdi32

AddFontResourceW
ChoosePixelFormat
CloseMetaFile
CreateBitmap
CreatePenIndirect
GetCurrentObject
GetFontData
GetMetaFileBitsEx
GetTextColor
GetTextExtentExPointW
IntersectClipRect
PatBlt
PtInRegion
SetLayout
UpdateICMRegKeyW

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE