Static task: static1
Behavioral task: behavioral1
Sample: a3691ea1a3f442893313230d753124bf_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: a3691ea1a3f442893313230d753124bf_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: a3691ea1a3f442893313230d753124bf_JaffaCakes118
Size: 53KB
MD5: a3691ea1a3f442893313230d753124bf
SHA1: 197b369bcc0954ef7a7dc2db29ddc4f57e1c4765
SHA256: b6d52815b80cd04b5430db6ae016ca8cf32e4beb31e0876fec6fdcf375c607b3
SHA512: af3535a96e10290870cf89c8e1caadae7434894feb19870cc66fdfb8bd3e546bc6a646d823c44b8b18a68407d14a1ea2e092dcabebb2a8a47c29bdc0b636e2e2
SSDEEP: 1536:uq0jD2wNsrVpFmcHrWn2Qga67RXaooSvTMCfw:uqMkrVzLW2R7iS7
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a3691ea1a3f442893313230d753124bf_JaffaCakes118
Files
a3691ea1a3f442893313230d753124bf_JaffaCakes118.exe windows:4 windows x86 arch:x86
4426ea890c999e9d4e05fd1a75aa2b7c
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateDirectoryW
DefineDosDeviceW
ExitProcess
GetSystemTime
HeapUnlock
ReadFileEx
SetComputerNameA
Sleep
advapi32
GetAce
IsValidSid
ObjectPrivilegeAuditAlarmW
RegQueryInfoKeyA
RegQueryInfoKeyW
RegSetValueW
TrusteeAccessToObjectA
user32
AdjustWindowRect
ChangeMenuW
EnumPropsW
GetClassLongA
GetClipboardFormatNameA
GetTopWindow
InSendMessage
IsDialogMessage
LoadCursorA
RemovePropA
SendMessageTimeoutW
SetClassLongW
SetDebugErrorLevel
shell32
CommandLineToArgvW
Control_RunDLL
ExtractAssociatedIconExW
FindExecutableW
SHQueryRecycleBinA
SheGetDirExW
SheGetDirW
SheGetPathOffsetW
ShellAboutW
ShellExecuteW
Sections
.text Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 50KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE