a4791e52aa605d9548d6ce46135c3777_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a4791e52aa605d9548d6ce46135c3777_JaffaCakes118
Size

28KB
MD5

a4791e52aa605d9548d6ce46135c3777
SHA1

2791c32ae46b26e1524a8c2dfe9ba348a3c9fac0
SHA256

d98794bfa99bd0c0e5deba75f2aeb1a8c056b798954cbb8c09d6a7d992dd514f
SHA512

c06e92fd7ead9589035b260e7976ac631a1854885c90c7a61d97bab91acf4c5cb9fceae2fb7396521825fe342f323a9ab533161ed66f032b0fff7d559add1ade
SSDEEP

768:BpzyfQuqI1AYiAjaa0MYNNlH1kYFnlHE:3z1uPRiAjaaaNlBFnO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a4791e52aa605d9548d6ce46135c3777_JaffaCakes118

Files

a4791e52aa605d9548d6ce46135c3777_JaffaCakes118
.exe windows:5 windows x86 arch:x86

95f739dd607febf3cd61dd90af1e427e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
IsValidSid
CloseServiceHandle
RegDeleteKeyA
SetSecurityInfo
AdjustTokenPrivileges
OpenServiceA
RegConnectRegistryA
FreeSid
SetKernelObjectSecurity

user32

SetUserObjectSecurity
IsDialogMessageA
GetMenuItemCount
GetSysColorBrush
DefMDIChildProcA
CheckRadioButton
ExitWindowsEx
SystemParametersInfoA
InvalidateRgn
SetDlgItemTextA

msvcrt

wcsncpy
_beginthreadex
wcschr
_strcmpi
memset
_wsplitpath
strcmp
wcsrchr
fgets
_exit

ole32

OleGetClipboard
CoGetCurrentProcess
CoLoadLibrary
OleFlushClipboard
OleSetMenuDescriptor
CoGetMarshalSizeMax
OleRun
OleCreateEmbeddingHelper
CoTreatAsClass
CoResumeClassObjects

kernel32

FileTimeToSystemTime
GetProcessHeap
WriteConsoleW
MapViewOfFile
ExitProcess
GetExitCodeThread
lstrcmpiA
GetACP
PulseEvent
OutputDebugStringA
DeviceIoControl
SetEndOfFile
CreateFileA
DeleteCriticalSection
GlobalReAlloc
IsBadStringPtrA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ