8ec580f1ddb2864c901cefc151352e4f_JaffaCakes118 | Triage

Sharing

General

Target

8ec580f1ddb2864c901cefc151352e4f_JaffaCakes118
Size

130KB
MD5

8ec580f1ddb2864c901cefc151352e4f
SHA1

7dcb7c7e819e2cbcfd762ca330f645eaa555a74f
SHA256

a373f5acd4d7a924420e70b76ee7e6a97416a961d0d7f8bb368a39c6315f592a
SHA512

a5bf833e0a14897aaaff75a4a8daa45494ef003be11700a3dd7fb4201d3ec6029b84131de7ac8e92620bf5fb51441bb7c404519f844f7dc533d03d94887e963c
SSDEEP

1536:kAsdolp7/LLAyAIaFngIM3vWh+uaBFM/RVtVzzbrbJ8m1yxuu8Wx3rh:kGTjLAyLSD4ve+lBGpBP7JUPh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ec580f1ddb2864c901cefc151352e4f_JaffaCakes118

Files

8ec580f1ddb2864c901cefc151352e4f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

960dbc72d0d4e008a52bf145749e9caf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
FreeConsole
ResetEvent
GetModuleHandleA
IsBadStringPtrA
CloseHandle
SetLastError
GetLastError
EnumResourceTypesW
CancelIo
Heap32First
LoadLibraryExW
VirtualProtect
SetLocalTime
IsBadReadPtr
TlsGetValue
GetCommandLineA
GetLogicalDrives
GetDiskFreeSpaceExA
FindClose

advapi32

RegQueryValueA
CloseEventLog
GetFileSecurityW
RegCloseKey
LsaFreeMemory
RegEnumKeyExA
RegDeleteKeyA
GetLengthSid
RegEnumValueA
FreeSid
IsTokenUntrusted
RegCreateKeyExA
LsaClose
RegCloseKey

hnetcfg

DllGetClassObject
HNetFreeSharingServicesPage
HNetGetSharingServicesPage
DllRegisterServer
HNetDeleteRasConnection

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ