Static task: static1
Behavioral task: behavioral1
Sample: 9562a3cb30afa4038f7ab61cde8e4fe7_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 9562a3cb30afa4038f7ab61cde8e4fe7_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 9562a3cb30afa4038f7ab61cde8e4fe7_JaffaCakes118
Size: 39KB
MD5: 9562a3cb30afa4038f7ab61cde8e4fe7
SHA1: 7b345e5958fe83f16825d901c7197011545523fc
SHA256: b4ba70cd6d06c28971be68196ad5b9520a77228c9f41a92a156c90aea63b6dc6
SHA512: 47e6f13b7064e5bbf9e2a1e2aaa88cd41260aa7303ed3862dd67b2d9b9fce18cd1b1b9d0f62beda3ff6c0584c9fe3cfbc4e7867fe52c740dc30e8d1e206a7257
SSDEEP: 768:+0kmHIbGEdwzDk9KzCV8L4Sokf/GCVAIBwu9ksBg1uynCxah:NJI66Kz48Lfokf/GCXwIjBg1uynIa
Malware Config
Signatures
Unsigned PE: 1 IoCs
Checks for missing Authenticode signature.
resource 9562a3cb30afa4038f7ab61cde8e4fe7_JaffaCakes118
Files
9562a3cb30afa4038f7ab61cde8e4fe7_JaffaCakes118.exe windows:4 windows x86 arch:x86
8ee196d7d42bca416ba7d80adc6250d5
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateFiber
DefineDosDeviceW
ExitProcess
GetCurrentProcessId
GetEnvironmentVariableA
GetProcessShutdownParameters
GetShortPathNameA
InterlockedIncrement
PrepareTape
RaiseException
SetCommState
SystemTimeToFileTime
UnlockFile
WritePrivateProfileSectionA
_lopen
advapi32
BuildTrusteeWithSidW
CryptImportKey
CryptSetHashParam
CryptSetProviderW
GetPrivateObjectSecurity
RegSetValueExA
RegUnLoadKeyW
SetServiceStatus
StartServiceA
user32
CreateWindowStationA
FlashWindow
GetKBCodePage
GetSysColorBrush
GetWindowTextW
ScrollWindowEx
SetClassLongW
SetClassWord
SetClipboardData
ToUnicodeEx
ValidateRect
ValidateRgn
Sections
.text Size: 512B - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 36KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1024B - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE