8ca6756c08b90bc9e0b75038c70fbfcb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8ca6756c08b90bc9e0b75038c70fbfcb_JaffaCakes118
Size

53KB
MD5

8ca6756c08b90bc9e0b75038c70fbfcb
SHA1

49719e7e0a68ff3154b3e0d2c872c3da05ec3000
SHA256

1b458cf47da17845ad43e07177b363f934308b43be8b8af8437b4e9cbccb4844
SHA512

e5b60e7b80149b682183addf38485198fc3faee507333f69a6be93b84b250ac226c339829944af108ed512b3f473bbb4c4d9bcfede9574c8d620cbde3a9354ca
SSDEEP

768:hmosO57EOMKrtRZ4eJwNWFh4jn5UWZPB/kXF8EUqFdBReITqc50nsiO/NXJ3rK4g:Z7qO1RSbAMj5ZfG6aBRdGcaKfrK43M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ca6756c08b90bc9e0b75038c70fbfcb_JaffaCakes118

Files

8ca6756c08b90bc9e0b75038c70fbfcb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0071aca44f4b1f8945dfd564e96261f3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddAtomA
CopyFileExA
ExitProcess
GetNamedPipeInfo
GetProfileIntW
GetWriteWatch
LocalUnlock
OutputDebugStringW
RemoveDirectoryA
WriteConsoleOutputW
lstrcmpiW

advapi32

AddAce
ConvertSecurityDescriptorToAccessA
CryptDuplicateHash
GetNamedSecurityInfoExA
GetSidLengthRequired
InitializeSecurityDescriptor
RegEnumKeyExW
RegisterEventSourceA
RegisterServiceCtrlHandlerW
SetEntriesInAccessListA
SetSecurityDescriptorSacl

shell32

Control_RunDLL
DllInstall
DoEnvironmentSubstA
SHBrowseForFolderW
SHGetFileInfo
SHGetPathFromIDList
SHGetPathFromIDListW
SHGetSpecialFolderPathA
SHLoadInProc
SheConvertPathW
SheGetDirW

gdi32

BeginPath
CreateICA
EndPage
FillPath
GetCharWidth32W
GetMapMode
GetROP2
GetSystemPaletteEntries
GetTextExtentPointW
GetWinMetaFileBits
ResetDCA
SetFontEnumeration
SetPixelV
UnrealizeObject

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE