8924cb13cea17017b8a92d6249b12ca9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8924cb13cea17017b8a92d6249b12ca9_JaffaCakes118
Size

63KB
MD5

8924cb13cea17017b8a92d6249b12ca9
SHA1

4fd0a0c8626e07f0e21ca32a93f8ed29785f88ad
SHA256

3852083f5076d47287fc098bf5004f06ef095a4b1930605721a7a0877c3cc5ad
SHA512

0045cba1d3b5e37f6d7cbe8b21a28c4ad9623e98a1852ad2b0768ea0ef734885c1f9dfc9123952320bd7ba931fdd713c43458f812a6e50509df7b57609a86d18
SSDEEP

1536:ebqWNaibH/1aLaAzylUkIoERrjn6P+f8/XqN:Vqaib9ll7Io63ngQ8/X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8924cb13cea17017b8a92d6249b12ca9_JaffaCakes118

Files

8924cb13cea17017b8a92d6249b12ca9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8bf1a8765f936834c30b35b3c35f7c84

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptHashData
DuplicateTokenEx
RegQueryValueExA
CryptDestroyHash
RegDeleteValueA
GetUserNameW
CryptReleaseContext

kernel32

EnterCriticalSection
GetModuleHandleA
CloseHandle
HeapAlloc
GetProcAddress
FindClose
Sleep
lstrcatA
HeapFree
GlobalLock
WideCharToMultiByte
GetFileSize
GetTickCount
ReleaseMutex
GetAtomNameW
VirtualProtect
GetSystemTime
MultiByteToWideChar
lstrcmpiW
VirtualAlloc

shlwapi

PathMatchSpecW
SHDeleteKeyA
PathFileExistsW
wnsprintfA
PathRemoveFileSpecW
StrStrW

user32

LoadCursorA
MsgWaitForMultipleObjects
ToUnicode
CharLowerBuffA
SetThreadDesktop
ExitWindowsEx

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 195B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 193B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 250B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE