8978072aaaccb0cc295aa0e4e7677354_JaffaCakes118 | Triage

Sharing

General

Target

8978072aaaccb0cc295aa0e4e7677354_JaffaCakes118
Size

54KB
MD5

8978072aaaccb0cc295aa0e4e7677354
SHA1

9c654c257a47e65556b592f83ab0483ef74a991a
SHA256

cfde10f756ee68bca22b82962c8156a207381f429452225f56a2d9e9c8b71dad
SHA512

3b51443e3acdcce4c484708f8416c83ffb908037907ad006a504bd5460421c75e53811bb1f9f988b903901a4172ebe3165169be8ed6e2b03e2de0648226113ed
SSDEEP

768:q0EB/E26PGvDaU8OYDe26mBC9fhXaQaWfmkSuhKX9xcJL1rnotojd+Bv+m9IFxSX:UszlU7evRgQQaFxcJJMSjd+l+m9IFMX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8978072aaaccb0cc295aa0e4e7677354_JaffaCakes118

Files

8978072aaaccb0cc295aa0e4e7677354_JaffaCakes118
.exe windows:4 windows x86 arch:x86

66ed89c3f756fbea47989ae6ce74f7c8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BeginUpdateResourceA
CreateIoCompletionPort
DeleteFiber
ExitProcess
GetSystemInfo
InterlockedExchange
LocalHandle
OpenMutexW
ReadConsoleW
SetCriticalSectionSpinCount
Sleep
lstrcpyA

advapi32

CryptContextAddRef
CryptEnumProviderTypesA
GetExplicitEntriesFromAclW
GetNamedSecurityInfoExW
IsValidSecurityDescriptor
LookupSecurityDescriptorPartsW
OpenServiceA
RegCreateKeyExW
RegQueryMultipleValuesA
SetThreadToken

user32

ChangeDisplaySettingsA
CopyAcceleratorTableA
DestroyIcon
EnableWindow
GetAltTabInfo
GetKeyboardLayoutList
IsDialogMessageW
RegisterClassExW
SetKeyboardState

gdi32

CreateColorSpaceW
CreatePen
GetGraphicsMode
GetLayout
PatBlt
PolyBezier
ScaleViewportExtEx
SwapBuffers

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE