95072e2467c516ab462a9b013afb2f2f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

95072e2467c516ab462a9b013afb2f2f_JaffaCakes118
Size

39KB
MD5

95072e2467c516ab462a9b013afb2f2f
SHA1

7964c0fffb3b8a66a804a02ffc278a124c73f915
SHA256

8ad3fa34cf2df10521e33bfd55be677caea004ec5c17f6ce059f43161b2dac76
SHA512

c6b0a7791bb69d93a22452390e3cc8960f4ce830ce602fa2847e4d75f82c4eb0e21aeb787bd20d2fa512bbaf9da270d6e5242674348ae20474ae22afc7e6f547
SSDEEP

768:9qoUUoM2QSGk3IOVDbTK98lOxF5CIOrfQtMjXTGPaJu:5oMBSGk3IO9Pva5C3fGPN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95072e2467c516ab462a9b013afb2f2f_JaffaCakes118

Files

95072e2467c516ab462a9b013afb2f2f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

31d907c1db1959fb1a4f5f94e05cf8f2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingA
CreateMailslotW
CreateSemaphoreA
EndUpdateResourceA
ExitProcess
GetLogicalDrives
GetSystemInfo
GetVersionExW
GlobalUnWire
IsDBCSLeadByte
RequestDeviceWakeup
SetConsoleTitleW
SetSystemTime
SetThreadContext
WriteFileEx

advapi32

AccessCheck
AllocateAndInitializeSid
CryptGetUserKey
FreeSid
GetKernelObjectSecurity
GetMultipleTrusteeW
LookupPrivilegeDisplayNameA
PrivilegedServiceAuditAlarmW
RegLoadKeyA
SetThreadToken

user32

CreateIcon
DdeGetData
DrawMenuBarTemp
EnumDisplayDevicesA
ExcludeUpdateRgn
GetCursorPos
InsertMenuA
InvalidateRgn
IsWindowUnicode
LookupIconIdFromDirectoryEx
SetClassLongW
SetPropW

gdi32

CreateDIBitmap
DeviceCapabilitiesExA
Ellipse
GetCharWidthFloatW
GetCurrentObject
GetObjectType
GetSystemPaletteUse
GetTextAlign
GetTextMetricsW
SetBoundsRect
SetViewportOrgEx
UpdateICMRegKeyA

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE