95192eccf91e4c7a1a5e06f79d77fd86_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

95192eccf91e4c7a1a5e06f79d77fd86_JaffaCakes118
Size

88KB
MD5

95192eccf91e4c7a1a5e06f79d77fd86
SHA1

d127d2b14822e3f63a892a1c143dd1185d3bae96
SHA256

0c0203c43d9edc392bbdcd66ae02369637f38b782763840ec1ebeb69ab45e199
SHA512

98f5f3608bf9a58ee374c3e6335e1f8f44acc2f069cc6e3dd3160c13b0e2dc251f0191c185cc709ad0b90807191c1b8278a94f60be894fee58bf0d1b3e9e5be4
SSDEEP

1536:HjF2iyWFKmo9/2d4Aa3aGZ+p355Mwq3ySkTqu0acnC87I:HjF2m9Uc4FbZ+pX6y/TqpnCj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95192eccf91e4c7a1a5e06f79d77fd86_JaffaCakes118

Files

95192eccf91e4c7a1a5e06f79d77fd86_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5e60ef87966170113aa1d395070fafe8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExW
GetDriveTypeW
TlsGetValue
IsBadStringPtrA
FindClose
GetLastError
EnumResourceTypesW
CancelIo
GetDiskFreeSpaceExA
IsBadReadPtr
GetCommandLineA
GetModuleHandleA
LocalFree
VirtualProtect
ResetEvent
DeleteCriticalSection
SetLastError
CloseHandle
GetDateFormatA
FreeConsole

advapi32

IsTokenUntrusted
GetFileSecurityA
LsaClose
CloseEventLog
AccessCheck
FreeSid
LsaFreeMemory
OpenEventLogA
LsaSetSecret
RegCreateKeyExA
RegCloseKey
RegLoadKeyA
CloseTrace
RegCloseKey

glmf32

glsBlock
glsBinary
glsChannel
glsGetError
glsCharubz

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ